lytedev/nix
1
0
Fork 1
Code Issues Pull requests 1 Actions Packages Projects Releases Wiki Activity

Commenting
All checks were successful
/ check (push) Successful in 3m46s
Details

Browse source
This commit is contained in:
Daniel Flanagan 2024-09-12 11:58:24 -05:00
parent a633ccc36f
commit a7ec834c6a
15 changed files with 1571 additions and 1417 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

34
disko/default.nix
View file

@ -6,10 +6,12 @@ in {
swapSize,
...
}: {
# this is my standard partitioning scheme for my machines which probably want hibernation capabilities
# a UEFI-compatible boot partition
# it includes an LUKS-encrypted btrfs volume
# a swap partition big enough to dump all the machine's RAM into
/*
this is my standard partitioning scheme for my machines which probably want hibernation capabilities
a UEFI-compatible boot partition
it includes an LUKS-encrypted btrfs volume
a swap partition big enough to dump all the machine's RAM into
*/
disko.devices = {
disk = {
@ -195,9 +197,11 @@ in {
beefcake = let
zpools = {
zroot = {
# TODO: at the time of writing, disko does not support draid6
# so I'm building/managing the array manually for the time being
# the root pool is just a single disk right now
/*
TODO: at the time of writing, disko does not support draid6
so I'm building/managing the array manually for the time being
the root pool is just a single disk right now
*/
name = "zroot";
config = {
type = "zpool";
@ -242,9 +246,11 @@ in {
keylocation = "file:///tmp/secret.key";
};
# use this to read the key during boot
# postCreateHook = ''
# zfs set keylocation="prompt" "zroot/$name";
# '';
/*
postCreateHook = ''
zfs set keylocation="prompt" "zroot/$name";
'';
*/
};
"encrypted/test" = {
type = "zfs_fs";
@ -254,9 +260,11 @@ in {
};
};
zstorage = {
# PARITY_COUNT=3 NUM_DRIVES=8 HOT_SPARES=2 sudo -E zpool create -f -O mountpoint=none -O compression=on -O xattr=sa -O acltype=posixacl -o ashift=12 -O atime=off -O recordsize=64K zstorage draid{$PARITY_COUNT}:{$NUM_DRIVES}c:{$HOT_SPARES}s /dev/disk/by-id/scsi-35000039548cb637c /dev/disk/by-id/scsi-35000039548cb7c8c /dev/disk/by-id/scsi-35000039548cb85c8 /dev/disk/by-id/scsi-35000039548d9b504 /dev/disk/by-id/scsi-35000039548da2b08 /dev/disk/by-id/scsi-35000039548dad2fc /dev/disk/by-id/scsi-350000399384be921 /dev/disk/by-id/scsi-35000039548db096c
# sudo zfs create -o mountpoint=legacy zstorage/nix
# sudo zfs create -o canmount=on -o mountpoint=/storage zstorage/storage
/*
PARITY_COUNT=3 NUM_DRIVES=8 HOT_SPARES=2 sudo -E zpool create -f -O mountpoint=none -O compression=on -O xattr=sa -O acltype=posixacl -o ashift=12 -O atime=off -O recordsize=64K zstorage draid{$PARITY_COUNT}:{$NUM_DRIVES}c:{$HOT_SPARES}s /dev/disk/by-id/scsi-35000039548cb637c /dev/disk/by-id/scsi-35000039548cb7c8c /dev/disk/by-id/scsi-35000039548cb85c8 /dev/disk/by-id/scsi-35000039548d9b504 /dev/disk/by-id/scsi-35000039548da2b08 /dev/disk/by-id/scsi-35000039548dad2fc /dev/disk/by-id/scsi-350000399384be921 /dev/disk/by-id/scsi-35000039548db096c
sudo zfs create -o mountpoint=legacy zstorage/nix
sudo zfs create -o canmount=on -o mountpoint=/storage zstorage/storage
*/
name = "zstorage";
config = {};
};

406
modules/home-manager/default.nix
View file

@ -16,16 +16,18 @@
config = {
theme = "ansi";
};
# themes = {
# "Catppuccin-mocha" = builtins.readFile (pkgs.fetchFromGitHub
# {
# owner = "catppuccin";
# repo = "bat";
# rev = "477622171ec0529505b0ca3cada68fc9433648c6";
# sha256 = "6WVKQErGdaqb++oaXnY3i6/GuH2FhTgK0v4TN4Y0Wbw=";
# }
# + "/Catppuccin-mocha.tmTheme");
# };
/*
themes = {
"Catppuccin-mocha" = builtins.readFile (pkgs.fetchFromGitHub
{
owner = "catppuccin";
repo = "bat";
rev = "477622171ec0529505b0ca3cada68fc9433648c6";
sha256 = "6WVKQErGdaqb++oaXnY3i6/GuH2FhTgK0v4TN4Y0Wbw=";
}
+ "/Catppuccin-mocha.tmTheme");
};
*/
};
home.shellAliases = {
@ -38,8 +40,10 @@
emacs = {pkgs, ...}: {
programs.emacs = {
enable = true;
# extraConfig = ''
# '';
/*
extraConfig = ''
'';
*/
extraPackages = epkgs: (with epkgs; [
magit
]);
@ -61,9 +65,11 @@
'';
};
# home.sessionVariables = {
# RUSTDOCFLAGS = "--default-theme=ayu";
# };
/*
home.sessionVariables = {
RUSTDOCFLAGS = "--default-theme=ayu";
};
*/
};
common = {
@ -79,10 +85,13 @@
homeManagerModules.helix
git
zellij
# broot
# nnn
htop
# tmux
/*
broot
nnn
tmux
*/
];
programs.home-manager.enable = true;
@ -158,10 +167,12 @@
programs.fzf = {
# using good ol' fzf until skim sucks less out of the box I guess
enable = true;
# enableFishIntegration = true;
# defaultCommand = "fd --type f";
# defaultOptions = ["--height 40%"];
# fileWidgetOptions = ["--preview 'head {}'"];
/*
enableFishIntegration = true;
defaultCommand = "fd --type f";
defaultOptions = ["--height 40%"];
fileWidgetOptions = ["--preview 'head {}'"];
*/
};
# TODO: regular cron or something?
@ -184,8 +195,10 @@
firefox = {pkgs, ...}: {
programs.firefox = {
# TODO: this should be able to work on macos, no?
# TODO: enable dark theme by default
/*
TODO: this should be able to work on macos, no?
TODO: enable color scheme/theme by default
*/
enable = true;
# TODO: uses nixpkgs.pass so pass otp doesn't work
@ -196,9 +209,11 @@
];
};
# extensions = with pkgs.nur.repos.rycee.firefox-addons; [
# ublock-origin
# ]; # TODO: would be nice to have _all_ my firefox stuff managed here instead of Firefox Sync maybe?
/*
extensions = with pkgs.nur.repos.rycee.firefox-addons; [
ublock-origin
]; # TODO: would be nice to have _all_ my firefox stuff managed here instead of Firefox Sync maybe?
*/
profiles = {
daniel = {
@ -221,8 +236,10 @@
}
'';
# userContent = ''
# '';
/*
userContent = ''
'';
*/
};
};
};
@ -360,10 +377,12 @@
enable = true;
};
# signing = {
# signByDefault = false;
# key = ~/.ssh/personal-ed25519;
# };
/*
signing = {
signByDefault = false;
key = ~/.ssh/personal-ed25519;
};
*/
aliases = {
a = "add -A";
@ -487,11 +506,13 @@
'';
};
# NOTE: Currently, helix crashes when editing markdown in certain scenarios,
# presumably due to an old markdown treesitter grammar
# https://github.com/helix-editor/helix/issues/9011
# https://github.com/helix-editor/helix/issues/8821
# https://github.com/tree-sitter-grammars/tree-sitter-markdown/issues/114
/*
NOTE: Currently, helix crashes when editing markdown in certain scenarios,
presumably due to an old markdown treesitter grammar
https://github.com/helix-editor/helix/issues/9011
https://github.com/helix-editor/helix/issues/8821
https://github.com/tree-sitter-grammars/tree-sitter-markdown/issues/114
*/
programs.helix = {
enable = true;
@ -503,41 +524,45 @@
args = ["start"];
};
# next-ls = {
# command = "next-ls";
# args = ["--stdout"];
# };
/*
next-ls = {
command = "next-ls";
args = ["--stdout"];
};
# deno = {
# command = "deno";
# args = ["lsp"];
# config = {
# enable = true;
# lint = true;
# unstable = true;
# };
# };
deno = {
command = "deno";
args = ["lsp"];
config = {
enable = true;
lint = true;
unstable = true;
};
};
*/
};
language = [
# {
# name = "heex";
# scope = "source.heex";
# injection-regex = "heex";
# language-servers = ["lexical"]; # "lexical" "next-ls" ?
# auto-format = true;
# file-types = ["heex"];
# roots = ["mix.exs" "mix.lock"];
# indent = {
# tab-width = 2;
# unit = " ";
# };
# }
# {
# name = "elixir";
# language-servers = ["lexical"]; # "lexical" "next-ls" ?
# auto-format = true;
# }
/*
{
name = "heex";
scope = "source.heex";
injection-regex = "heex";
language-servers = ["lexical"]; # "lexical" "next-ls" ?
auto-format = true;
file-types = ["heex"];
roots = ["mix.exs" "mix.lock"];
indent = {
tab-width = 2;
unit = " ";
};
}
{
name = "elixir";
language-servers = ["lexical"]; # "lexical" "next-ls" ?
auto-format = true;
}
*/
{
name = "rust";
@ -596,65 +621,67 @@
auto-format = true;
}
# {
# name = "javascript";
# language-id = "javascript";
# grammar = "javascript";
# scope = "source.js";
# injection-regex = "^(js|javascript)$";
# file-types = ["js" "mjs"];
# shebangs = ["deno"];
# language-servers = ["deno"];
# roots = ["deno.jsonc" "deno.json"];
# formatter = {
# command = "deno";
# args = ["fmt"];
# };
# auto-format = true;
# comment-token = "//";
# indent = {
# tab-width = 2;
# unit = "\t";
# };
# }
/*
{
name = "javascript";
language-id = "javascript";
grammar = "javascript";
scope = "source.js";
injection-regex = "^(js|javascript)$";
file-types = ["js" "mjs"];
shebangs = ["deno"];
language-servers = ["deno"];
roots = ["deno.jsonc" "deno.json"];
formatter = {
command = "deno";
args = ["fmt"];
};
auto-format = true;
comment-token = "//";
indent = {
tab-width = 2;
unit = "\t";
};
}
# {
# name = "typescript";
# language-id = "typescript";
# grammar = "typescript";
# scope = "source.ts";
# injection-regex = "^(ts|typescript)$";
# file-types = ["ts"];
# shebangs = ["deno"];
# language-servers = ["deno"];
# roots = ["deno.jsonc" "deno.json"];
# formatter = {
# command = "deno";
# args = ["fmt"];
# };
# auto-format = true;
# comment-token = "//";
# indent = {
# tab-width = 2;
# unit = "\t";
# };
# }
{
name = "typescript";
language-id = "typescript";
grammar = "typescript";
scope = "source.ts";
injection-regex = "^(ts|typescript)$";
file-types = ["ts"];
shebangs = ["deno"];
language-servers = ["deno"];
roots = ["deno.jsonc" "deno.json"];
formatter = {
command = "deno";
args = ["fmt"];
};
auto-format = true;
comment-token = "//";
indent = {
tab-width = 2;
unit = "\t";
};
}
# {
# name = "jsonc";
# language-id = "json";
# grammar = "jsonc";
# scope = "source.jsonc";
# injection-regex = "^(jsonc)$";
# roots = ["deno.jsonc" "deno.json"];
# file-types = ["jsonc"];
# language-servers = ["deno"];
# indent = {
# tab-width = 2;
# unit = " ";
# };
# auto-format = true;
# }
{
name = "jsonc";
language-id = "json";
grammar = "jsonc";
scope = "source.jsonc";
injection-regex = "^(jsonc)$";
roots = ["deno.jsonc" "deno.json"];
file-types = ["jsonc"];
language-servers = ["deno"];
indent = {
tab-width = 2;
unit = " ";
};
auto-format = true;
}
*/
];
};
@ -664,14 +691,17 @@
editor = {
soft-wrap.enable = true;
auto-pairs = false;
# auto-save = false;
# completion-trigger-len = 1;
# color-modes = false;
bufferline = "multiple";
# scrolloff = 8;
rulers = [81 121];
cursorline = true;
/*
auto-save = false;
completion-trigger-len = 1;
color-modes = false;
scrolloff = 8;
*/
inline-diagnostics = {
cursor-line = "hint";
other-lines = "error";
@ -703,18 +733,21 @@
left = [
"file-name"
"mode"
# "selections"
# "primary-selection-length"
# "position"
# "position-percentage"
/*
"selections"
"primary-selection-length"
"position"
"position-percentage"
*/
"spinner"
"diagnostics"
"workspace-diagnostics"
];
/*
center = ["file-name"];
right = ["version-control" "total-line-numbers" "file-encoding"];
*/
};
# center = ["file-name"];
# right = ["version-control" "total-line-numbers" "file-encoding"];
# };
};
keys = {
insert = {
@ -984,8 +1017,10 @@
fg = fgdim;
};
# "ui.cursorline.primary" = { bg = "default" }
# "ui.cursorline.secondary" = { bg = "default" }
/*
"ui.cursorline.primary" = { bg = "default" }
"ui.cursorline.secondary" = { bg = "default" }
*/
"ui.cursorcolumn.primary" = {bg = bg3;};
"ui.cursorcolumn.secondary" = {bg = bg3;};
@ -1006,15 +1041,17 @@
programs.htop = {
enable = true;
settings = {
# hide_kernel_threads = 1;
# hide_userland_threads = 1;
# show_program_path = 0;
# header_margin = 0;
# show_cpu_frequency = 1;
# highlight_base_name = 1;
# tree_view = 0;
# htop_version = "3.2.2";
# config_reader_min_version = 3;
/*
hide_kernel_threads = 1;
hide_userland_threads = 1;
show_program_path = 0;
header_margin = 0;
show_cpu_frequency = 1;
highlight_base_name = 1;
tree_view = 0;
htop_version = "3.2.2";
config_reader_min_version = 3;
*/
fields = "0 48 17 18 38 39 40 2 46 47 49 1";
hide_kernel_threads = 1;
hide_userland_threads = 1;
@ -1057,22 +1094,26 @@
tree_sort_direction = 1;
tree_view_always_by_pid = 0;
all_branches_collapsed = 0;
# screen:Main=PID USER PRIORITY NICE M_VIRT M_RESIDENT M_SHARE STATE PERCENT_CPU PERCENT_MEM TIME Command
# .sort_key=PERCENT_MEM
# .tree_sort_key=PID
# .tree_view=0
# .tree_view_always_by_pid=0
# .sort_direction=-1
# .tree_sort_direction=1
# .all_branches_collapsed=0
# screen:I/O=PID USER IO_PRIORITY IO_RATE IO_READ_RATE IO_WRITE_RATE Command
# .sort_key=IO_RATE
# .tree_sort_key=PID
# .tree_view=0
# .tree_view_always_by_pid=0
# .sort_direction=-1
# .tree_sort_direction=1
# .all_branches_collapsed=0
/*
screen:Main=PID USER PRIORITY NICE M_VIRT M_RESIDENT M_SHARE STATE PERCENT_CPU PERCENT_MEM TIME Command
.sort_key=PERCENT_MEM
.tree_sort_key=PID
.tree_view=0
.tree_view_always_by_pid=0
.sort_direction=-1
.tree_sort_direction=1
.all_branches_collapsed=0
screen:I/O=PID USER IO_PRIORITY IO_RATE IO_READ_RATE IO_WRITE_RATE Command
.sort_key=IO_RATE
.tree_sort_key=PID
.tree_view=0
.tree_view_always_by_pid=0
.sort_direction=-1
.tree_sort_direction=1
.all_branches_collapsed=0
*/
};
};
};
@ -1247,11 +1288,14 @@
./sway.nix
];
};
# sway-laptop = {};
# swaylock = {};
# tmux = {};
# wallpaper-manager = {};
# waybar = {};
/*
sway-laptop = {};
swaylock = {};
tmux = {};
wallpaper-manager = {};
waybar = {};
*/
wezterm = {
pkgs,
@ -1315,15 +1359,17 @@
compose_cursor = orange;
# copy_mode_active_highlight_bg = { Color = '#000000' },
# copy_mode_active_highlight_fg = { AnsiColor = 'Black' },
# copy_mode_inactive_highlight_bg = { Color = '#52ad70' },
# copy_mode_inactive_highlight_fg = { AnsiColor = 'White' },
/*
copy_mode_active_highlight_bg = { Color = '#000000' },
copy_mode_active_highlight_fg = { AnsiColor = 'Black' },
copy_mode_inactive_highlight_bg = { Color = '#52ad70' },
copy_mode_inactive_highlight_fg = { AnsiColor = 'White' },
# quick_select_label_bg = { Color = 'peru' },
# quick_select_label_fg = { Color = '#ffffff' },
# quick_select_match_bg = { AnsiColor = 'Navy' },
# quick_select_match_fg = { Color = '#ffffff' },
quick_select_label_bg = { Color = 'peru' },
quick_select_label_fg = { Color = '#ffffff' },
quick_select_match_bg = { AnsiColor = 'Navy' },
quick_select_match_fg = { Color = '#ffffff' },
*/
};
};
};
@ -1822,8 +1868,10 @@
# TODO: port config
plugins = {
# tab-bar = {path = "tab-bar";};
# compact-bar = {path = "compact-bar";};
/*
tab-bar = {path = "tab-bar";};
compact-bar = {path = "compact-bar";};
*/
};
ui = {

38
modules/home-manager/hyprland.nix
View file

@ -88,9 +88,12 @@
input = {
kb_layout = "us";
kb_options = "ctrl:nocaps";
# kb_variant =
# kb_model =
# kb_rules =
/*
kb_variant =
kb_model =
kb_rules =
*/
follow_mouse = 2;
@ -131,10 +134,13 @@
decoration = {
rounding = 3;
# blur = "no";
# blur_size = 3
# blur_passes = 1
# blur_new_optimizations = on
/*
blur = "no";
blur_size = 3
blur_passes = 1
blur_new_optimizations = on
*/
drop_shadow = "yes";
shadow_range = 4;
@ -147,8 +153,10 @@
"$mod" = "SUPER";
bind = [
# See https://wiki.hyprland.org/Configuring/Keywords/ for more
# "$mod, return, exec, wezterm"
# "$mod SHIFT, return, exec, wezterm"
/*
"$mod, return, exec, wezterm"
"$mod SHIFT, return, exec, wezterm"
*/
"$mod, return, exec, wezterm"
"$mod SHIFT, return, exec, kitty"
"$mod, U, exec, firefox"
@ -264,13 +272,13 @@
workspace_swipe = on
}
# Example per-device config
# See https://wiki.hyprland.org/Configuring/Keywords/#executing for more
# device:epic-mouse-v1 {
# sensitivity = -0.5
# }
## Example per-device config
## See https://wiki.hyprland.org/Configuring/Keywords/#executing for more
## device:epic-mouse-v1 {
## sensitivity = -0.5
## }
# See https://wiki.hyprland.org/Configuring/Window-Rules/ for more
## See https://wiki.hyprland.org/Configuring/Window-Rules/ for more
windowrulev2 = idleinhibit,class:^.*([Ss]lippi).*$
windowrulev2 = float,class:^.*([Kk]itty|[Ff]irefox|[Ww]ezterm|[Dd]iscord|[Ss]potify|[Ss]lack).*$
windowrulev2 = opacity 1.0 0.9,floating:1

42
modules/home-manager/sway.nix
View file

@ -291,34 +291,36 @@
"XF86AudioMute" = "exec swayosd-client --output-volume mute-toggle";
"XF86AudioMicMute" = "exec swayosd-client --input-volume mute-toggle";
"${mod}+shift+v" = "exec swayosd-client --input-volume mute-toggle";
# "XF86AudioRaiseVolume" = "exec swayosd-client --output-volume 15";
# "XF86AudioLowerVolume" = "exec swayosd-client --output-volume -15";
# "XF86AudioRaiseVolume" = "exec swayosd-client --output-volume raise --max-volume 120";
# "XF86AudioLowerVolume" = "exec swayosd-client --output-volume lower --max-volume 120";
# "XF86AudioRaiseVolume" = "exec swayosd-client --output-volume +10 --device alsa_output.pci-0000_11_00.4.analog-stereo.monitor";
# "XF86AudioLowerVolume" = "exec swayosd-client --output-volume -10 --device alsa_output.pci-0000_11_00.4.analog-stereo.monitor";
"XF86MonBrightnessUp" = "exec swayosd-client --brightness raise";
"XF86MonBrightnessDown" = "exec swayosd-client --brightness lower";
# "XF86MonBrightnessUp" = " exec swayosd-client --brightness 10";
# "XF86MonBrightnessDown" = "exec swayosd-client --brightness -10";
# "XF86AudioRaiseVolume" = "exec pactl set-sink-volume @DEFAULT_SINK@ +5%";
# "XF86AudioLowerVolume" = "exec pactl set-sink-volume @DEFAULT_SINK@ -5%";
"control+XF86AudioRaiseVolume" = "exec pactl set-sink-volume @DEFAULT_SINK@ +1%";
"control+XF86AudioLowerVolume" = "exec pactl set-sink-volume @DEFAULT_SINK@ -1%";
# "XF86AudioMute" = "exec pactl set-sink-mute @DEFAULT_SINK@ toggle";
"${mod}+F1" = "exec pactl set-sink-mute @DEFAULT_SINK@ toggle";
# "XF86AudioMicMute" = "exec pactl set-source-mute @DEFAULT_SOURCE@ toggle";
# "XF86MonBrightnessDown" = "exec brightnessctl set 10%-";
# "XF86MonBrightnessUp" = "exec brightnessctl set +10%";
# "shift+XF86MonBrightnessDown" = "exec brightnessctl set 1%";
# "shift+XF86MonBrightnessUp" = "exec brightnessctl set 100%";
# "control+XF86MonBrightnessDown" = "exec brightnessctl set 1%-";
# "control+XF86MonBrightnessUp" = "exec brightnessctl set +1%";
"XF86AudioPlay" = "exec playerctl play-pause";
"XF86AudioNext" = "exec playerctl next";
"XF86AudioPrev" = "exec playerctl previous";
# "${mod}+shift+v" = "exec pactl set-source-mute @DEFAULT_SOURCE@ toggle";
/*
"XF86MonBrightnessUp" = " exec swayosd-client --brightness 10";
"XF86MonBrightnessDown" = "exec swayosd-client --brightness -10";
"XF86AudioMute" = "exec pactl set-sink-mute @DEFAULT_SINK@ toggle";
"XF86AudioRaiseVolume" = "exec pactl set-sink-volume @DEFAULT_SINK@ +5%";
"XF86AudioLowerVolume" = "exec pactl set-sink-volume @DEFAULT_SINK@ -5%";
"XF86AudioRaiseVolume" = "exec swayosd-client --output-volume 15";
"XF86AudioLowerVolume" = "exec swayosd-client --output-volume -15";
"XF86AudioRaiseVolume" = "exec swayosd-client --output-volume raise --max-volume 120";
"XF86AudioLowerVolume" = "exec swayosd-client --output-volume lower --max-volume 120";
"XF86AudioRaiseVolume" = "exec swayosd-client --output-volume +10 --device alsa_output.pci-0000_11_00.4.analog-stereo.monitor";
"XF86AudioLowerVolume" = "exec swayosd-client --output-volume -10 --device alsa_output.pci-0000_11_00.4.analog-stereo.monitor";
"XF86AudioMicMute" = "exec pactl set-source-mute @DEFAULT_SOURCE@ toggle";
"XF86MonBrightnessDown" = "exec brightnessctl set 10%-";
"XF86MonBrightnessUp" = "exec brightnessctl set +10%";
"shift+XF86MonBrightnessDown" = "exec brightnessctl set 1%";
"shift+XF86MonBrightnessUp" = "exec brightnessctl set 100%";
"control+XF86MonBrightnessDown" = "exec brightnessctl set 1%-";
"control+XF86MonBrightnessUp" = "exec brightnessctl set +1%";
"${mod}+shift+v" = "exec pactl set-source-mute @DEFAULT_SOURCE@ toggle";
*/
"${mod}+control+shift+l" = "exec swaylock";

38
modules/home-manager/waybar.nix
View file

@ -13,12 +13,12 @@
"mpris"
"idle_inhibitor"
"bluetooth"
# "wireplumber",
"wireplumber"
"pulseaudio"
# "network",
"network"
"cpu"
"memory"
# "temperature",
"temperature"
"backlight"
"battery"
"tray"
@ -27,17 +27,17 @@
"format" = "<span</span>";
"format-connected" = "<span></span>";
"format-connected-battery" = "<span></span>";
# "format-device-preference" = [ "device1", "device2" ], # preference list deciding the displayed devic;
# "format-device-preference" = [ "device1", "device2" ]; # preference list deciding the displayed device
"tooltip-format" = "{controller_alias}@{controller_address} ({num_connections} connected)";
"tooltip-format-connected" = "{controller_alias}@{controller_address} ({num_connections} connected)\n{device_enumerate}";
"tooltip-format-enumerate-connected" = "{device_alias}@{device_address}";
"tooltip-format-enumerate-connected-battery" = "{device_alias}@{device_address} (󰁹 {device_battery_percentage}%)";
};
# "wireplumber" = ;
# "format" = "{volume}% {icon}";
# "format-muted" = "";
# "on-click" = "helvum;
# },
"wireplumber" = {
"format" = "{volume}% {icon}";
"format-muted" = "";
"on-click" = "helvum";
};
"sway/workspaces" = {
"disable-scroll" = false;
"persistent_workspaces" = {
@ -69,10 +69,12 @@
"format" = "{} 󰍛";
};
"temperature" = {
# "thermal-zone" = 2;
# "hwmon-path" = "/sys/class/hwmon/hwmon2/temp1_input";
/*
"thermal-zone" = 2;
"hwmon-path" = "/sys/class/hwmon/hwmon2/temp1_input";
"format-critical" = "{temperatureC}°C {icon}";
*/
"critical-threshold" = 80;
# "format-critical" = "{temperatureC}°C {icon}";
"format" = "{temperatureC}°C {icon}";
"format-icons" = ["" "" ""];
};
@ -106,12 +108,14 @@
"format" = "{title} by {artist}";
};
"pulseaudio" = {
# "scroll-step" = 1, # %, can be a floa;
/*
"scroll-step" = 1, # %, can be a floa;
"format" = "{volume}% {icon} {format_source}";
"format-bluetooth" = "{volume}% {icon} {format_source}";
"format-bluetooth-muted" = " {icon} {format_source}";
"format-muted" = " {format_source}";
*/
"format" = "{volume} {icon} <span>{format_source}</span>";
#"format" = "{volume}% {icon} {format_source}";
#"format-bluetooth" = "{volume}% {icon} {format_source}";
#"format-bluetooth-muted" = " {icon} {format_source}";
#"format-muted" = " {format_source}";
"format-muted" = "󰝟 {format_source}";
"format-source" = "";
"format-source-muted" = "";

1274
nixos/beefcake.nix
View file

File diff suppressed because it is too large Load diff

154
nixos/bigtower.nix
View file

@ -40,21 +40,23 @@
};
};
# networking = {
# firewall = let
# terraria = 7777;
# stardew-valley = 24642;
# web-dev-lan = 18888;
# ports = [
# terraria
# stardew-valley
# web-dev-lan
# ];
# in {
# allowedTCPPorts = ports;
# allowedUDPPorts = ports;
# };
# };
/*
networking = {
firewall = let
terraria = 7777;
stardew-valley = 24642;
web-dev-lan = 18888;
ports = [
terraria
stardew-valley
web-dev-lan
];
in {
allowedTCPPorts = ports;
allowedUDPPorts = ports;
};
};
*/
environment.systemPackages = with pkgs; [
radeontop
@ -63,69 +65,73 @@
];
home-manager.users.daniel = {
# slippi-launcher = {
# enable = true;
# # isoPath = "${config.home-manager.users.daniel.home.homeDirectory}/../games/roms/dolphin/melee.iso";
# launchMeleeOnPlay = false;
# };
/*
slippi-launcher = {
enable = true;
# isoPath = "${config.home-manager.users.daniel.home.homeDirectory}/../games/roms/dolphin/melee.iso";
launchMeleeOnPlay = false;
};
*/
# TODO: monitor config module?
# wayland.windowManager.hyprland = {
# settings = {
# env = [
# "EWW_BAR_MON,1"
# ];
# # See https://wiki.hyprland.org/Configuring/Keywords/ for more
# monitor = [
# # "DP-2,3840x2160@60,-2160x0,1,transform,3"
# "DP-3,3840x2160@120,${toString (builtins.ceil (2160 / 1.5))}x0,1"
# # HDR breaks screenshare? "DP-3,3840x2160@120,${toString (builtins.ceil (2160 / 1.5))}x0,1,bitdepth,10"
# # "desc:LG Display 0x0521,3840x2160@120,0x0,1"
# # "desc:Dell Inc. DELL U2720Q D3TM623,3840x2160@60,3840x0,1.5,transform,1"
# "DP-2,3840x2160@60,0x0,1.5,transform,1"
# ];
# input = {
# force_no_accel = true;
# sensitivity = 1; # -1.0 - 1.0, 0 means no modification.
# };
# };
# };
/*
wayland.windowManager.hyprland = {
settings = {
env = [
"EWW_BAR_MON,1"
];
# See https://wiki.hyprland.org/Configuring/Keywords/ for more
monitor = [
# "DP-2,3840x2160@60,-2160x0,1,transform,3"
"DP-3,3840x2160@120,${toString (builtins.ceil (2160 / 1.5))}x0,1"
# HDR breaks screenshare? "DP-3,3840x2160@120,${toString (builtins.ceil (2160 / 1.5))}x0,1,bitdepth,10"
# "desc:LG Display 0x0521,3840x2160@120,0x0,1"
# "desc:Dell Inc. DELL U2720Q D3TM623,3840x2160@60,3840x0,1.5,transform,1"
"DP-2,3840x2160@60,0x0,1.5,transform,1"
];
input = {
force_no_accel = true;
sensitivity = 1; # -1.0 - 1.0, 0 means no modification.
};
};
};
# wayland.windowManager.sway = {
# config = {
# output = {
# "GIGA-BYTE TECHNOLOGY CO., LTD. AORUS FO48U 23070B000307" = {
# mode = "3840x2160@120Hz";
# position = "${toString (builtins.ceil (2160 / 1.5))},0";
# };
wayland.windowManager.sway = {
config = {
output = {
"GIGA-BYTE TECHNOLOGY CO., LTD. AORUS FO48U 23070B000307" = {
mode = "3840x2160@120Hz";
position = "${toString (builtins.ceil (2160 / 1.5))},0";
};
# "Dell Inc. DELL U2720Q D3TM623" = {
# # desktop left vertical monitor
# mode = "3840x2160@60Hz";
# transform = "90";
# scale = "1.5";
# position = "0,0";
# };
# };
"Dell Inc. DELL U2720Q D3TM623" = {
# desktop left vertical monitor
mode = "3840x2160@60Hz";
transform = "90";
scale = "1.5";
position = "0,0";
};
};
# workspaceOutputAssign =
# (
# map
# (ws: {
# output = "GIGA-BYTE TECHNOLOGY CO., LTD. AORUS FO48U 23070B000307";
# workspace = toString ws;
# })
# (lib.range 1 7)
# )
# ++ (
# map
# (ws: {
# output = "Dell Inc. DELL U2720Q D3TM623";
# workspace = toString ws;
# })
# (lib.range 8 9)
# );
# };
# };
workspaceOutputAssign =
(
map
(ws: {
output = "GIGA-BYTE TECHNOLOGY CO., LTD. AORUS FO48U 23070B000307";
workspace = toString ws;
})
(lib.range 1 7)
)
++ (
map
(ws: {
output = "Dell Inc. DELL U2720Q D3TM623";
workspace = toString ws;
})
(lib.range 8 9)
);
};
};
*/
};
}

111
nixos/dragon.nix
View file

@ -73,62 +73,65 @@
};
# TODO: monitor config module?
# wayland.windowManager.hyprland = {
# settings = {
# env = [
# "EWW_BAR_MON,1"
# ];
# # See https://wiki.hyprland.org/Configuring/Keywords/ for more
# monitor = [
# # "DP-2,3840x2160@60,-2160x0,1,transform,3"
# "DP-3,3840x2160@120,${toString (builtins.ceil (2160 / 1.5))}x0,1"
# # HDR breaks screenshare? "DP-3,3840x2160@120,${toString (builtins.ceil (2160 / 1.5))}x0,1,bitdepth,10"
# # "desc:LG Display 0x0521,3840x2160@120,0x0,1"
# # "desc:Dell Inc. DELL U2720Q D3TM623,3840x2160@60,3840x0,1.5,transform,1"
# "DP-2,3840x2160@60,0x0,1.5,transform,1"
# ];
# input = {
# force_no_accel = true;
# sensitivity = 1; # -1.0 - 1.0, 0 means no modification.
# };
# };
# };
wayland.windowManager.hyprland = {
settings = {
env = [
"EWW_BAR_MON,1"
];
# See https://wiki.hyprland.org/Configuring/Keywords/ for more
monitor = [
# "DP-2,3840x2160@60,-2160x0,1,transform,3"
"DP-3,3840x2160@120,${toString (builtins.ceil (2160 / 1.5))}x0,1"
# TODO: HDR breaks screenshare?
/*
"DP-3,3840x2160@120,${toString (builtins.ceil (2160 / 1.5))}x0,1,bitdepth,10"
"desc:LG Display 0x0521,3840x2160@120,0x0,1"
"desc:Dell Inc. DELL U2720Q D3TM623,3840x2160@60,3840x0,1.5,transform,1"
*/
"DP-2,3840x2160@60,0x0,1.5,transform,1"
];
input = {
force_no_accel = true;
sensitivity = 1; # -1.0 - 1.0, 0 means no modification.
};
};
};
# wayland.windowManager.sway = {
# config = {
# output = {
# "GIGA-BYTE TECHNOLOGY CO., LTD. AORUS FO48U 23070B000307" = {
# mode = "3840x2160@120Hz";
# position = "${toString (builtins.ceil (2160 / 1.5))},0";
# };
wayland.windowManager.sway = {
config = {
output = {
"GIGA-BYTE TECHNOLOGY CO., LTD. AORUS FO48U 23070B000307" = {
mode = "3840x2160@120Hz";
position = "${toString (builtins.ceil (2160 / 1.5))},0";
};
# "Dell Inc. DELL U2720Q D3TM623" = {
# # desktop left vertical monitor
# mode = "3840x2160@60Hz";
# transform = "90";
# scale = "1.5";
# position = "0,0";
# };
# };
"Dell Inc. DELL U2720Q D3TM623" = {
# desktop left vertical monitor
mode = "3840x2160@60Hz";
transform = "270";
scale = "1.5";
position = "0,0";
};
};
# workspaceOutputAssign =
# (
# map
# (ws: {
# output = "GIGA-BYTE TECHNOLOGY CO., LTD. AORUS FO48U 23070B000307";
# workspace = toString ws;
# })
# (lib.range 1 7)
# )
# ++ (
# map
# (ws: {
# output = "Dell Inc. DELL U2720Q D3TM623";
# workspace = toString ws;
# })
# (lib.range 8 9)
# );
# };
# };
workspaceOutputAssign =
(
map
(ws: {
output = "GIGA-BYTE TECHNOLOGY CO., LTD. AORUS FO48U 23070B000307";
workspace = toString ws;
})
(lib.range 1 7)
)
++ (
map
(ws: {
output = "Dell Inc. DELL U2720Q D3TM623";
workspace = toString ws;
})
(lib.range 8 9)
);
};
};
};
}

161
nixos/foxtrot.nix
View file

@ -11,9 +11,11 @@
swapDevices = [
# TODO: move this to disko?
# NOTE(oninstall):
# sudo btrfs subvolume create /swap
# sudo btrfs filesystem mkswapfile --size 32g --uuid clear /swap/swapfile
# sudo swapon /swap/swapfile
/*
sudo btrfs subvolume create /swap
sudo btrfs filesystem mkswapfile --size 32g --uuid clear /swap/swapfile
sudo swapon /swap/swapfile
*/
{device = "/swap/swapfile";}
];
# findmnt -no UUID -T /swap/swapfile
@ -23,15 +25,17 @@
services.fwupd.extraRemotes = ["lvfs-testing"];
# NOTE: I'm letting plasma settings handle this I guess?
# services.logind = {
# lidSwitch = "suspend-then-hibernate";
# # HandleLidSwitchDocked=ignore
# extraConfig = ''
# HandlePowerKey=suspend-then-hibernate
# IdleActionSec=10m
# IdleAction=suspend-then-hibernate
# '';
# };
/*
services.logind = {
lidSwitch = "suspend-then-hibernate";
# HandleLidSwitchDocked=ignore
extraConfig = ''
HandlePowerKey=suspend-then-hibernate
IdleActionSec=10m
IdleAction=suspend-then-hibernate
'';
};
*/
}
];
@ -56,37 +60,41 @@
};
};
# wayland.windowManager.hyprland = {
# settings = {
# env = [
# "EWW_BAR_MON,0"
# ];
# # See https://wiki.hyprland.org/Configuring/Keywords/ for more
# monitor = [
# "eDP-1,2256x1504@60,0x0,${toString scale}"
# ];
# };
# };
/*
wayland.windowManager.hyprland = {
settings = {
env = [
"EWW_BAR_MON,0"
];
# See https://wiki.hyprland.org/Configuring/Keywords/ for more
monitor = [
"eDP-1,2256x1504@60,0x0,${toString scale}"
];
};
};
*/
# wayland.windowManager.sway = {
# config = {
# output = {
# "BOE 0x0BCA Unknown" = {
# mode = "2256x1504@60Hz";
# position = "0,0";
# scale = toString scale;
# };
/*
wayland.windowManager.sway = {
config = {
output = {
"BOE 0x0BCA Unknown" = {
mode = "2256x1504@60Hz";
position = "0,0";
scale = toString scale;
};
# "Dell Inc. DELL U2720Q D3TM623" = {
# # desktop left vertical monitor
# mode = "1920x1080@60Hz";
# # transform = "90";
# # scale = "1.5";
# position = "${toString (builtins.floor (2256 / scale))},0";
# };
# };
# };
# };
"Dell Inc. DELL U2720Q D3TM623" = {
# desktop left vertical monitor
mode = "1920x1080@60Hz";
# transform = "90";
# scale = "1.5";
position = "${toString (builtins.floor (2256 / scale))},0";
};
};
};
};
*/
};
hardware.graphics.extraPackages = [
@ -107,15 +115,17 @@
kernelPackages = pkgs.linuxPackages_latest;
# https://github.com/void-linux/void-packages/issues/50417#issuecomment-2131802836 fix framework 13 not shutting down
# kernelPatches = [
# {
# name = "framework13shutdownfix";
# patch = builtins.fetchurl {
# url = "https://github.com/void-linux/void-packages/files/15445612/0001-Add-hopefully-a-solution-for-shutdown-regression.PATCH";
# sha256 = "sha256:10zcnzy5hkam2cnxx441b978gzhvnqlcc49k7bpz9dc28xyjik50";
# };
# }
# ];
/*
kernelPatches = [
{
name = "framework13shutdownfix";
patch = builtins.fetchurl {
url = "https://github.com/void-linux/void-packages/files/15445612/0001-Add-hopefully-a-solution-for-shutdown-regression.PATCH";
sha256 = "sha256:10zcnzy5hkam2cnxx441b978gzhvnqlcc49k7bpz9dc28xyjik50";
};
}
];
*/
loader = {
efi.canTouchEfiVariables = true;
@ -123,11 +133,12 @@
};
# NOTE(oninstall):
# sudo filefrag -v /swap/swapfile | awk '$1=="0:" {print substr($4, 1, length($4)-2)}'
# the above won't work for btrfs, instead you need
# btrfs inspect-internal map-swapfile -r /swap/swapfile
# https://wiki.archlinux.org/title/Power_management/Suspend_and_hibernate#Hibernation_into_swap_file
# many of these come from https://wiki.archlinux.org/title/Framework_Laptop_13#Suspend
/*
sudo filefrag -v /swap/swapfile | awk '$1=="0:" {print substr($4, 1, length($4)-2)}'
the above won't work for btrfs, instead you need btrfs inspect-internal map-swapfile -r /swap/swapfile
https://wiki.archlinux.org/title/Power_management/Suspend_and_hibernate#Hibernation_into_swap_file
many of these come from https://wiki.archlinux.org/title/Framework_Laptop_13#Suspend
*/
kernelParams = [
"rtc_cmos.use_acpi_alarm=1"
"amdgpu.sg_display=0"
@ -151,10 +162,12 @@
powerOnBoot = false;
};
powerManagement.cpuFreqGovernor = "ondemand";
# powerManagement.resumeCommands = ''
# modprobe -rv mt7921e
# modprobe -v mt7921e
# '';
/*
powerManagement.resumeCommands = ''
modprobe -rv mt7921e
modprobe -v mt7921e
'';
*/
services.power-profiles-daemon = {
enable = true;
@ -170,24 +183,24 @@
"fprintd:TestPamFprintd"
];
};
# tod.enable = true;
# tod.driver = pkgs.libfprint-2-tod1-goodix;
};
# services.tlp = {
# enable = true;
# settings = {
# CPU_ENERGY_PERF_POLICY_ON_BAT = "power";
# CPU_SCALING_GOVERNOR_ON_BAT = "ondemand";
# CPU_MIN_PERF_ON_BAT = 0;
# CPU_MAX_PERF_ON_BAT = 80;
/*
services.tlp = {
enable = true;
settings = {
CPU_ENERGY_PERF_POLICY_ON_BAT = "power";
CPU_SCALING_GOVERNOR_ON_BAT = "ondemand";
CPU_MIN_PERF_ON_BAT = 0;
CPU_MAX_PERF_ON_BAT = 80;
# CPU_SCALING_GOVERNOR_ON_AC = "performance";
# CPU_ENERGY_PERF_POLICY_ON_AC = "performance";
# CPU_MIN_PERF_ON_AC = 0;
# CPU_MAX_PERF_ON_AC = 100;
# };
# };
CPU_SCALING_GOVERNOR_ON_AC = "performance";
CPU_ENERGY_PERF_POLICY_ON_AC = "performance";
CPU_MIN_PERF_ON_AC = 0;
CPU_MAX_PERF_ON_AC = 100;
};
};
*/
networking.firewall.allowedTCPPorts = let
stardewValley = 24642;

78
nixos/htpifour.nix
View file

@ -58,15 +58,19 @@
hardware.raspberry-pi."4".audio.enable = true;
nixpkgs.overlays = [
# nixos-22.05
# (self: super: { libcec = super.libcec.override { inherit (self) libraspberrypi; }; })
# nixos-22.11
# (self: super: {libcec = super.libcec.override {withLibraspberrypi = true;};})
/*
nixos-22.05
(self: super: { libcec = super.libcec.override { inherit (self) libraspberrypi; }; })
nixos-22.11
(self: super: {libcec = super.libcec.override {withLibraspberrypi = true;};})
*/
];
# Workaround for GNOME autologin: https://github.com/NixOS/nixpkgs/issues/103746#issuecomment-945091229
# systemd.services."getty@tty1".enable = false;
# systemd.services."autovt@tty1".enable = false;
/*
systemd.services."getty@tty1".enable = false;
systemd.services."autovt@tty1".enable = false;
*/
# hardware
systemd.targets.sleep.enable = false;
@ -99,38 +103,40 @@
};
};
# services.udev.extraRules = ''
# # allow access to raspi cec device for video group (and optionally register it as a systemd device, used below)
# SUBSYSTEM=="vchiq", GROUP="video", MODE="0660", TAG+="systemd", ENV{SYSTEMD_ALIAS}="/dev/vchiq"
# '';
/*
services.udev.extraRules = ''
# allow access to raspi cec device for video group (and optionally register it as a systemd device, used below)
SUBSYSTEM=="vchiq", GROUP="video", MODE="0660", TAG+="systemd", ENV{SYSTEMD_ALIAS}="/dev/vchiq"
'';
# powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
# optional: attach a persisted cec-client to `/run/cec.fifo`, to avoid the CEC ~1s startup delay per command
# scan for devices: `echo 'scan' &gt; /run/cec.fifo ; journalctl -u cec-client.service`
# set pi as active source: `echo 'as' &gt; /run/cec.fifo`
# systemd.sockets."cec-client" = {
# after = ["dev-vchiq.device"];
# bindsTo = ["dev-vchiq.device"];
# wantedBy = ["sockets.target"];
# socketConfig = {
# ListenFIFO = "/run/cec.fifo";
# SocketGroup = "video";
# SocketMode = "0660";
# };
# };
# systemd.services."cec-client" = {
# after = ["dev-vchiq.device"];
# bindsTo = ["dev-vchiq.device"];
# wantedBy = ["multi-user.target"];
# serviceConfig = {
# ExecStart = ''${pkgs.libcec}/bin/cec-client -d 1'';
# ExecStop = ''/bin/sh -c "echo q &gt; /run/cec.fifo"'';
# StandardInput = "socket";
# StandardOutput = "journal";
# Restart = "no";
# };
# };
optional: attach a persisted cec-client to `/run/cec.fifo`, to avoid the CEC ~1s startup delay per command
scan for devices: `echo 'scan' &gt; /run/cec.fifo ; journalctl -u cec-client.service`
set pi as active source: `echo 'as' &gt; /run/cec.fifo`
systemd.sockets."cec-client" = {
after = ["dev-vchiq.device"];
bindsTo = ["dev-vchiq.device"];
wantedBy = ["sockets.target"];
socketConfig = {
ListenFIFO = "/run/cec.fifo";
SocketGroup = "video";
SocketMode = "0660";
};
};
systemd.services."cec-client" = {
after = ["dev-vchiq.device"];
bindsTo = ["dev-vchiq.device"];
wantedBy = ["multi-user.target"];
serviceConfig = {
ExecStart = ''${pkgs.libcec}/bin/cec-client -d 1'';
ExecStop = ''/bin/sh -c "echo q &gt; /run/cec.fifo"'';
StandardInput = "socket";
StandardOutput = "journal";
Restart = "no";
};
};
*/
hardware.graphics.driSupport32Bit = lib.mkForce false;

572
nixos/router.nix
View file

@ -5,13 +5,15 @@
pkgs,
...
}: let
# NOTE: My goal is to be able to apply most of the common tweaks to the router
# either live on the system for ad-hoc changes (such as forwarding a port for a
# multiplayer game) or to tweak these values just below without reaching deeper
# into the modules' implementation of these configuration values
# NOTE: I could turn this into a cool NixOS module?
# TODO: review https://francis.begyn.be/blog/nixos-home-router
# TODO: more recent: https://github.com/ghostbuster91/blogposts/blob/a2374f0039f8cdf4faddeaaa0347661ffc2ec7cf/router2023-part2/main.md
/*
NOTE: My goal is to be able to apply most of the common tweaks to the router
either live on the system for ad-hoc changes (such as forwarding a port for a
multiplayer game) or to tweak these values just below without reaching deeper
into the modules' implementation of these configuration values
NOTE: I could turn this into a cool NixOS module?
TODO: review https://francis.begyn.be/blog/nixos-home-router
TODO: more recent: https://github.com/ghostbuster91/blogposts/blob/a2374f0039f8cdf4faddeaaa0347661ffc2ec7cf/router2023-part2/main.md
*/
hostname = "router";
domain = "h.lyte.dev";
ip = "192.168.0.1";
@ -246,56 +248,58 @@ in {
};
# NOTE: see flake.nix 'nnf.nixosModules.default'
# nftables.firewall = let
# me = config.networking.nftables.firewall.localZoneName;
# in {
# enable = true;
# snippets.nnf-common.enable = true;
/*
nftables.firewall = let
me = config.networking.nftables.firewall.localZoneName;
in {
enable = true;
snippets.nnf-common.enable = true;
# zones = {
# ${interfaces.wan.name} = {
# interfaces = [interfaces.wan.name interfaces.lan.name];
# };
# ${interfaces.lan.name} = {
# parent = interfaces.wan.name;
# ipv4Addresses = [cidr];
# };
# # banned = {
# # ingressExpression = [
# # "ip saddr @banlist"
# # "ip6 saddr @banlist6"
# # ];
# # egressExpression = [
# # "ip daddr @banlist"
# # "ip6 daddr @banlist6"
# # ];
# # };
# };
zones = {
${interfaces.wan.name} = {
interfaces = [interfaces.wan.name interfaces.lan.name];
};
${interfaces.lan.name} = {
parent = interfaces.wan.name;
ipv4Addresses = [cidr];
};
# banned = {
# ingressExpression = [
# "ip saddr @banlist"
# "ip6 saddr @banlist6"
# ];
# egressExpression = [
# "ip daddr @banlist"
# "ip6 daddr @banlist6"
# ];
# };
};
# rules = {
# dhcp = {
# from = "all";
# to = [hosts.beefcake.ip];
# allowedTCPPorts = [67];
# allowedUDPPorts = [67];
# };
# http = {
# from = "all";
# to = [me];
# allowedTCPPorts = [80 443];
# };
# router-ssh = {
# from = "all";
# to = [me];
# allowedTCPPorts = [2201];
# };
# server-ssh = {
# from = "all";
# to = [hosts.beefcake.ip];
# allowedTCPPorts = [22];
# };
# };
# };
rules = {
dhcp = {
from = "all";
to = [hosts.beefcake.ip];
allowedTCPPorts = [67];
allowedUDPPorts = [67];
};
http = {
from = "all";
to = [me];
allowedTCPPorts = [80 443];
};
router-ssh = {
from = "all";
to = [me];
allowedTCPPorts = [2201];
};
server-ssh = {
from = "all";
to = [hosts.beefcake.ip];
allowedTCPPorts = [22];
};
};
};
*/
};
systemd.network = {
@ -347,25 +351,31 @@ in {
};
};
# WAN configuration requires DHCP to get addresses
# we also disable some options to be certain we retain as much networking
# control as we reasonably can, such as not letting the ISP determine our
# hostname or DNS configuration
# TODO: IPv6 (prefix delegation)
/*
WAN configuration requires DHCP to get addresses
we also disable some options to be certain we retain as much networking
control as we reasonably can, such as not letting the ISP determine our
hostname or DNS configuration
TODO: IPv6 (prefix delegation)
*/
"40-${interfaces.wan.name}" = {
matchConfig.Name = "${interfaces.wan.name}";
networkConfig = {
Description = "WAN network - connection to fiber ISP jack";
DHCP = true;
# IPv6AcceptRA = true;
# IPv6PrivacyExtensions = true;
# IPForward = true;
/*
IPv6AcceptRA = true;
IPv6PrivacyExtensions = true;
IPForward = true;
*/
};
dhcpV6Config = {
# ForceDHCPv6PDOtherInformation = true;
# UseHostname = false;
# UseDNS = false;
# UseNTP = false;
/*
ForceDHCPv6PDOtherInformation = true;
UseHostname = false;
UseDNS = false;
UseNTP = false;
*/
PrefixDelegationHint = "::/56";
};
dhcpV4Config = {
@ -391,17 +401,21 @@ in {
services.resolved.enable = false;
# dnsmasq serves as our DHCP and DNS server
# almost all the configuration should be derived from the values at the top of
# this file
/*
dnsmasq serves as our DHCP and DNS server
almost all the configuration should be derived from the values at the top of
this file
*/
services.dnsmasq = {
enable = true;
settings = {
listen-address = "::,127.0.0.1,${ip}";
port = 53;
# dhcp-authoritative = true;
# dnssec = true;
/*
dhcp-authoritative = true;
dnssec = true;
*/
enable-ra = true;
server = ["1.1.1.1" "9.9.9.9" "8.8.8.8"];
@ -454,8 +468,10 @@ in {
};
};
# since the home network reserves port 22 for ssh to the big server and to
# gitea, the router uses port 2201 for ssh
/*
since the home network reserves port 22 for ssh to the big server and to
gitea, the router uses port 2201 for ssh
*/
services.openssh.listenAddresses = [
{
addr = "0.0.0.0";
@ -479,252 +495,254 @@ in {
system.stateVersion = "24.05";
# NOTE: everything from here on is deprecated or old stuff
/*
NOTE: everything from here on is deprecated or old stuff
# TODO: may not be strictly necessary for IPv6?
# TODO: also may not even be the best implementation?
# services.radvd = {
# enable = false;
# # NOTE: this config is just the default arch linux config I think and may
# # need tweaking? this is what I had on the arch linux router, though :shrug:
# config = ''
# interface lo
# {
# AdvSendAdvert on;
# MinRtrAdvInterval 3;
# MaxRtrAdvInterval 10;
# AdvDefaultPreference low;
# AdvHomeAgentFlag off;
TODO: may not be strictly necessary for IPv6?
TODO: also may not even be the best implementation?
services.radvd = {
enable = false;
## NOTE: this config is just the default arch linux config I think and may
## need tweaking? this is what I had on the arch linux router, though :shrug:
config = ''
interface lo
{
AdvSendAdvert on;
MinRtrAdvInterval 3;
MaxRtrAdvInterval 10;
AdvDefaultPreference low;
AdvHomeAgentFlag off;
# prefix 2001:db8:1:0::/64
# {
# AdvOnLink on;
# AdvAutonomous on;
# AdvRouterAddr off;
# };
prefix 2001:db8:1:0::/64
{
AdvOnLink on;
AdvAutonomous on;
AdvRouterAddr off;
};
# prefix 0:0:0:1234::/64
# {
# AdvOnLink on;
# AdvAutonomous on;
# AdvRouterAddr off;
# Base6to4Interface ppp0;
# AdvPreferredLifetime 120;
# AdvValidLifetime 300;
# };
prefix 0:0:0:1234::/64
{
AdvOnLink on;
AdvAutonomous on;
AdvRouterAddr off;
Base6to4Interface ppp0;
AdvPreferredLifetime 120;
AdvValidLifetime 300;
};
# route 2001:db0:fff::/48
# {
# AdvRoutePreference high;
# AdvRouteLifetime 3600;
# };
route 2001:db0:fff::/48
{
AdvRoutePreference high;
AdvRouteLifetime 3600;
};
# RDNSS 2001:db8::1 2001:db8::2
# {
# AdvRDNSSLifetime 30;
# };
RDNSS 2001:db8::1 2001:db8::2
{
AdvRDNSSLifetime 30;
};
# DNSSL branch.example.com example.com
# {
# AdvDNSSLLifetime 30;
# };
# };
# '';
# };
DNSSL branch.example.com example.com
{
AdvDNSSLLifetime 30;
};
};
'';
};
# TODO: old config, should be deleted ASAP
# services.dnsmasq = {
# enable = false;
# settings = {
# # server endpoints
# listen-address = "::1,127.0.0.1,${ip}";
# port = "53";
TODO: old config, should be deleted ASAP
services.dnsmasq = {
enable = false;
settings = {
# server endpoints
listen-address = "::1,127.0.0.1,${ip}";
port = "53";
# # DNS cache entries
# cache-size = "10000";
# DNS cache entries
cache-size = "10000";
# # local domain entries
# local = "/lan/";
# domain = "lan";
# expand-hosts = true;
# local domain entries
local = "/lan/";
domain = "lan";
expand-hosts = true;
# dhcp-authoritative = true;
dhcp-authoritative = true;
# conf-file = "/usr/share/dnsmasq/trust-anchors.conf";
# dnssec = true;
conf-file = "/usr/share/dnsmasq/trust-anchors.conf";
dnssec = true;
# except-interface = "${wan_if}";
# interface = "${lan_if}";
except-interface = "${wan_if}";
interface = "${lan_if}";
# enable-ra = true;
enable-ra = true;
# # dhcp-option = "121,${cidr},${ip}";
# dhcp-option = "121,${cidr},${ip}";
# dhcp-range = [
# "lan,${dhcp_lease_space.min},${dhcp_lease_space.max},${netmask},10m"
# "tag:${lan_if},::1,constructor:${lan_if},ra-names,12h"
# ];
dhcp-range = [
"lan,${dhcp_lease_space.min},${dhcp_lease_space.max},${netmask},10m"
"tag:${lan_if},::1,constructor:${lan_if},ra-names,12h"
];
# dhcp-host = [
# "${hosts.dragon.host},${hosts.dragon.ip},12h"
# "${hosts.beefcake.host},${hosts.beefcake.ip},12h"
# ];
dhcp-host = [
"${hosts.dragon.host},${hosts.dragon.ip},12h"
"${hosts.beefcake.host},${hosts.beefcake.ip},12h"
];
# # may need to go in /etc/hosts (networking.extraHosts), too?
# address = [
# "/video.lyte.dev/192.168.0.9"
# "/git.lyte.dev/192.168.0.9"
# "/bw.lyte.dev/192.168.0.9"
# "/files.lyte.dev/192.168.0.9"
# "/vpn.h.lyte.dev/192.168.0.9"
# "/.h.lyte.dev/192.168.0.9"
# ];
# may need to go in /etc/hosts (networking.extraHosts), too?
address = [
"/video.lyte.dev/192.168.0.9"
"/git.lyte.dev/192.168.0.9"
"/bw.lyte.dev/192.168.0.9"
"/files.lyte.dev/192.168.0.9"
"/vpn.h.lyte.dev/192.168.0.9"
"/.h.lyte.dev/192.168.0.9"
];
# server = [
# "${ip}"
# "8.8.8.8"
# "8.8.4.4"
# "1.1.1.1"
# "1.0.0.1"
# ];
# };
# };
server = [
"${ip}"
"8.8.8.8"
"8.8.4.4"
"1.1.1.1"
"1.0.0.1"
];
};
};
# TODO: old config, should be deleted ASAP
# nftables = {
# enable = false;
# flushRuleset = true;
TODO: old config, should be deleted ASAP
nftables = {
enable = false;
flushRuleset = true;
# tables = {
# filter = {
# family = "inet";
# content = ''
# chain input {
# # type filter hook input priority filter; policy accept;
# type filter hook input priority 0;
tables = {
filter = {
family = "inet";
content = ''
chain input {
# type filter hook input priority filter; policy accept;
type filter hook input priority 0;
# # anything from loopback interface
# iifname "lo" accept
# anything from loopback interface
iifname "lo" accept
# # accept traffic we originated
# ct state { established, related } counter accept
# ct state invalid counter drop
# accept traffic we originated
ct state { established, related } counter accept
ct state invalid counter drop
# # ICMP
# ip6 nexthdr icmpv6 icmpv6 type { echo-request, nd-neighbor-solicit, nd-neighbor-advert, nd-router-solicit, nd-router-advert, mld-listener-query, destination-unreachable, packet-too-big, time-exceeded, parameter-problem } counter accept
# ip protocol icmp icmp type { echo-request, destination-unreachable, router-advertisement, time-exceeded, parameter-problem } counter accept
# ip protocol icmpv6 counter accept
# ip protocol icmp counter accept
# meta l4proto ipv6-icmp counter accept
# udp dport dhcpv6-client counter accept
# ICMP
ip6 nexthdr icmpv6 icmpv6 type { echo-request, nd-neighbor-solicit, nd-neighbor-advert, nd-router-solicit, nd-router-advert, mld-listener-query, destination-unreachable, packet-too-big, time-exceeded, parameter-problem } counter accept
ip protocol icmp icmp type { echo-request, destination-unreachable, router-advertisement, time-exceeded, parameter-problem } counter accept
ip protocol icmpv6 counter accept
ip protocol icmp counter accept
meta l4proto ipv6-icmp counter accept
udp dport dhcpv6-client counter accept
# tcp dport { 64022, 22, 53, 67, 25565 } counter accept
# udp dport { 64020, 22, 53, 67 } counter accept
tcp dport { 64022, 22, 53, 67, 25565 } counter accept
udp dport { 64020, 22, 53, 67 } counter accept
# # iifname "iot" ip saddr $iot-ip tcp dport { llmnr } counter accept
# # iifname "iot" ip saddr $iot-ip udp dport { mdns, llmnr } counter accept
# iifname "${lan_if}" tcp dport { llmnr } counter accept
# iifname "${lan_if}" udp dport { mdns, llmnr } counter accept
## iifname "iot" ip saddr $iot-ip tcp dport { llmnr } counter accept
## iifname "iot" ip saddr $iot-ip udp dport { mdns, llmnr } counter accept
iifname "${lan_if}" tcp dport { llmnr } counter accept
iifname "${lan_if}" udp dport { mdns, llmnr } counter accept
# counter drop
# }
counter drop
}
# # allow all outgoing
# chain output {
# type filter hook output priority 0;
# accept
# }
# allow all outgoing
chain output {
type filter hook output priority 0;
accept
}
# chain forward {
# type filter hook forward priority 0;
# accept
# }
# '';
# };
chain forward {
type filter hook forward priority 0;
accept
}
'';
};
# nat = {
# family = "ip";
# content = ''
# set masq_saddr {
# type ipv4_addr
# flags interval
# elements = { ${cidr} }
# }
nat = {
family = "ip";
content = ''
set masq_saddr {
type ipv4_addr
flags interval
elements = { ${cidr} }
}
# map map_port_ipport {
# type inet_proto . inet_service : ipv4_addr . inet_service
# }
map map_port_ipport {
type inet_proto . inet_service : ipv4_addr . inet_service
}
# chain prerouting {
# iifname ${lan_if} accept
chain prerouting {
iifname ${lan_if} accept
# type nat hook prerouting priority dstnat + 1; policy accept;
# fib daddr type local dnat ip addr . port to meta l4proto . th dport map @map_port_ipport
type nat hook prerouting priority dstnat + 1; policy accept;
fib daddr type local dnat ip addr . port to meta l4proto . th dport map @map_port_ipport
# iifname ${wan_if} tcp dport { 22, 80, 443, 25565, 64022 } dnat to ${hosts.beefcake.ip}
# iifname ${wan_if} udp dport { 64020 } dnat to ${hosts.beefcake.ip}
iifname ${wan_if} tcp dport { 22, 80, 443, 25565, 64022 } dnat to ${hosts.beefcake.ip}
iifname ${wan_if} udp dport { 64020 } dnat to ${hosts.beefcake.ip}
# # iifname ${wan_if} tcp dport { 25565 } dnat to 192.168.0.244
# # iifname ${wan_if} udp dport { 25565 } dnat to 192.168.0.244
## iifname ${wan_if} tcp dport { 25565 } dnat to 192.168.0.244
## iifname ${wan_if} udp dport { 25565 } dnat to 192.168.0.244
# # router
# iifname ${wan_if} tcp dport { 2201 } dnat to ${ip}
# }
## router
iifname ${wan_if} tcp dport { 2201 } dnat to ${ip}
}
# chain output {
# type nat hook output priority -99; policy accept;
# ip daddr != 127.0.0.0/8 oif "lo" dnat ip addr . port to meta l4proto . th dport map @map_port_ipport
# }
chain output {
type nat hook output priority -99; policy accept;
ip daddr != 127.0.0.0/8 oif "lo" dnat ip addr . port to meta l4proto . th dport map @map_port_ipport
}
# chain postrouting {
# type nat hook postrouting priority srcnat + 1; policy accept;
# oifname ${lan_if} masquerade
# ip saddr @masq_saddr masquerade
# }
# '';
# };
# };
# };
chain postrouting {
type nat hook postrouting priority srcnat + 1; policy accept;
oifname ${lan_if} masquerade
ip saddr @masq_saddr masquerade
}
'';
};
};
};
# TODO: also want to try to avoid using dhcpcd for IPv6 since systemd-networkd
# should be sufficient?
# dhcpcd = {
# enable = false;
# extraConfig = ''
# duid
TODO: also want to try to avoid using dhcpcd for IPv6 since systemd-networkd
should be sufficient?
dhcpcd = {
enable = false;
extraConfig = ''
duid
# # No way.... https://github.com/NetworkConfiguration/dhcpcd/issues/36#issuecomment-954777644
# # issues caused by guests with oneplus devices
# noarp
## No way.... https://github.com/NetworkConfiguration/dhcpcd/issues/36#issuecomment-954777644
## issues caused by guests with oneplus devices
noarp
# persistent
# vendorclassid
persistent
vendorclassid
# option domain_name_servers, domain_name, domain_search
# option classless_static_routes
# option interface_mtu
# option host_name
# #option ntp_servers
option domain_name_servers, domain_name, domain_search
option classless_static_routes
option interface_mtu
option host_name
#option ntp_servers
# require dhcp_server_identifier
# slaac private
# noipv4ll
# noipv6rs
require dhcp_server_identifier
slaac private
noipv4ll
noipv6rs
# static domain_name_servers=${ip}
static domain_name_servers=${ip}
# interface ${wan_if}
# gateway
# ipv6rs
# iaid 1
# # option rapid_commit
# # ia_na 1
# ia_pd 1 ${lan_if}
interface ${wan_if}
gateway
ipv6rs
iaid 1
## option rapid_commit
## ia_na 1
ia_pd 1 ${lan_if}
# interface ${lan_if}
# static ip_address=${cidr}
# static routers=${ip}
# static domain_name_servers=${ip}
# '';
# };
interface ${lan_if}
static ip_address=${cidr}
static routers=${ip}
static domain_name_servers=${ip}
'';
};
*/
}

10
nixos/thinker.nix
View file

@ -6,10 +6,12 @@
efi.canTouchEfiVariables = true;
systemd-boot.enable = true;
};
# sudo filefrag -v /swap/swapfile | awk '$1=="0:" {print substr($4, 1, length($4)-2)}'
# the above won't work for btrfs, instead you need
# btrfs inspect-internal map-swapfile -r /swap/swapfile
# https://wiki.archlinux.org/title/Power_management/Suspend_and_hibernate#Hibernation_into_swap_file
/*
sudo filefrag -v /swap/swapfile | awk '$1=="0:" {print substr($4, 1, length($4)-2)}'
the above won't work for btrfs, instead you need
btrfs inspect-internal map-swapfile -r /swap/swapfile
https://wiki.archlinux.org/title/Power_management/Suspend_and_hibernate#Hibernation_into_swap_file
*/
kernelParams = ["boot.shell_on_fail"];
initrd.availableKernelModules = ["xhci_pci" "nvme" "ahci"];
};

26
templates/elixir/flake.nix
View file

@ -47,19 +47,21 @@
src = ./.;
pname = "api.lyte.dev";
in {
# this-package = mixRelease {
# inherit pname version src;
# mixFodDeps = fetchMixDeps {
# inherit version src;
# pname = "mix-deps-${pname}";
# hash = pkgs.lib.fakeSha256;
# };
# buildInputs = with pkgs; [sqlite];
# HOME = "$(pwd)";
# MIX_XDG = "$HOME";
# };
/*
this-package = mixRelease {
inherit pname version src;
mixFodDeps = fetchMixDeps {
inherit version src;
pname = "mix-deps-${pname}";
hash = pkgs.lib.fakeSha256;
};
buildInputs = with pkgs; [sqlite];
HOME = "$(pwd)";
MIX_XDG = "$HOME";
};
# default = outputs.packages.${system}.this-package;
default = outputs.packages.${system}.this-package;
*/
});
devShells = forAllSystems (system: let

16
templates/nix-flake/flake.nix
View file

@ -35,12 +35,14 @@
default = self.outputs.devShells.${pkgs.system}.nix;
});
# packages = genPkgs (pkgs: import ./pkgs {inherit pkgs;});
# overlays = import ./overlays self;
# nixosModules = import ./modules/nixos;
# homeManagerModules = import ./modules/home-manager;
# nixosConfigurations = import ./nixos;
# homeConfigurations = import ./home
# templates = import ./templates;
/*
packages = genPkgs (pkgs: import ./pkgs {inherit pkgs;});
overlays = import ./overlays self;
nixosModules = import ./modules/nixos;
homeManagerModules = import ./modules/home-manager;
nixosConfigurations = import ./nixos;
homeConfigurations = import ./home
templates = import ./templates;
*/
};
}

28
templates/rust/flake.nix
View file

@ -22,12 +22,14 @@
alejandra.enable = true;
# NOTE: These do not work well with `nix flake check` due to pure environments
# https://github.com/cachix/git-hooks.nix/issues/452
# cargo-check.enable = true;
# clippy = {
# enable = true;
# packageOverrides.cargo = pkgs.cargo;
# packageOverrides.clippy = pkgs.rustPackages.clippy;
# };
/*
cargo-check.enable = true;
clippy = {
enable = true;
packageOverrides.cargo = pkgs.cargo;
packageOverrides.clippy = pkgs.rustPackages.clippy;
};
*/
rustfmt = {
enable = true;
packageOverrides.rustfmt = pkgs.rustfmt;
@ -41,13 +43,15 @@
pname = "kodotag";
version = "0.1.0";
# nativeBuildInputs = with pkgs; [
# pkg-config
# clang
# ];
/*
nativeBuildInputs = with pkgs; [
pkg-config
clang
];
# buildInputs = with pkgs; [
# ];
buildInputs = with pkgs; [
];
*/
src = ./.;
hash = pkgs.lib.fakeHash;