Compare commits
89 commits
beefcake-r
...
main
Author | SHA1 | Date | |
---|---|---|---|
Daniel Flanagan | 5ad3a220a7 | ||
Daniel Flanagan | 06427b694c | ||
Daniel Flanagan | 66c0f17e46 | ||
Daniel Flanagan | c8bf3ae618 | ||
Daniel Flanagan | 8afad6f40c | ||
Daniel Flanagan | 0cfb985723 | ||
Daniel Flanagan | 303ca8c871 | ||
Daniel Flanagan | e8dd91e345 | ||
Daniel Flanagan | 2b4b1c5850 | ||
Daniel Flanagan | a1acf60896 | ||
Daniel Flanagan | 2c541801e6 | ||
Daniel Flanagan | 352d4412f2 | ||
Daniel Flanagan | a3997d519a | ||
Daniel Flanagan | 64e4c9c1b2 | ||
Daniel Flanagan | 337e587f92 | ||
Daniel Flanagan | 1bb83efeef | ||
Daniel Flanagan | a7b81162d5 | ||
Daniel Flanagan | 1bec150b17 | ||
Daniel Flanagan | bec787e6ff | ||
Daniel Flanagan | 3eba3a553d | ||
Daniel Flanagan | 9630de5237 | ||
Daniel Flanagan | a3fa043cb9 | ||
Daniel Flanagan | 6624b11014 | ||
Daniel Flanagan | 226c7993b1 | ||
Daniel Flanagan | ce00bd6fed | ||
Daniel Flanagan | 556c58f0fb | ||
Daniel Flanagan | c007790ecf | ||
Daniel Flanagan | 095bfdddfc | ||
Daniel Flanagan | e8564cbae0 | ||
Daniel Flanagan | 9cc15d53fa | ||
Daniel Flanagan | a33de2c711 | ||
Daniel Flanagan | 9e8ce71b65 | ||
Daniel Flanagan | 1469810d2b | ||
Daniel Flanagan | b8ac83f1a1 | ||
Daniel Flanagan | f676b4d7a5 | ||
Daniel Flanagan | a733249377 | ||
Daniel Flanagan | 494a9727c7 | ||
Daniel Flanagan | 8aab4b1056 | ||
Daniel Flanagan | 035fdc710b | ||
Daniel Flanagan | 09b4567c92 | ||
Daniel Flanagan | c2e03c50ae | ||
Daniel Flanagan | 379c26527a | ||
Daniel Flanagan | 3b7aefac96 | ||
Daniel Flanagan | 3df1eeecca | ||
Daniel Flanagan | 529dcce37a | ||
Daniel Flanagan | fbdac308ec | ||
Daniel Flanagan | c92314e731 | ||
Daniel Flanagan | c2095697ef | ||
Daniel Flanagan | f247344b05 | ||
Daniel Flanagan | 637c4e4273 | ||
Daniel Flanagan | c20b5d540f | ||
Daniel Flanagan | 20eaf3acbd | ||
Daniel Flanagan | 0ee453de49 | ||
Daniel Flanagan | 5b80da7323 | ||
Daniel Flanagan | 8c77376e36 | ||
Daniel Flanagan | 8d0e080906 | ||
Daniel Flanagan | b72c71a272 | ||
Daniel Flanagan | 8bb7b4cac2 | ||
Daniel Flanagan | 262ef3bb45 | ||
Daniel Flanagan | 2fc5333362 | ||
Daniel Flanagan | b7925c965e | ||
Daniel Flanagan | 727a70d843 | ||
Daniel Flanagan | a7ec834c6a | ||
Daniel Flanagan | a633ccc36f | ||
Daniel Flanagan | e7ecd05161 | ||
Daniel Flanagan | c520512399 | ||
Daniel Flanagan | 4c07dcacc1 | ||
Daniel Flanagan | 9616fb1df0 | ||
Daniel Flanagan | 3d9a29b857 | ||
Daniel Flanagan | 11e159c7c9 | ||
Daniel Flanagan | 003b5516fe | ||
Daniel Flanagan | f6eb6a72ad | ||
Daniel Flanagan | cf2f2ecf0a | ||
Daniel Flanagan | 524a34d819 | ||
Daniel Flanagan | 352e3d72a2 | ||
Daniel Flanagan | 26f2784f0f | ||
Daniel Flanagan | 25abed953f | ||
Daniel Flanagan | f8b68daf1e | ||
Daniel Flanagan | 6ddc70bcaa | ||
Daniel Flanagan | 67fe4216f2 | ||
Daniel Flanagan | 0ff4336088 | ||
Daniel Flanagan | 66e96e2960 | ||
Daniel Flanagan | 0984c7aef0 | ||
Daniel Flanagan | efe20354ea | ||
Daniel Flanagan | bbd09488ff | ||
Daniel Flanagan | 379adc7ec6 | ||
Daniel Flanagan | 639aad8c8a | ||
Daniel Flanagan | da602beac6 | ||
Daniel Flanagan | de02a81c92 |
33
.sops.yaml
33
.sops.yaml
|
@ -1,7 +1,19 @@
|
||||||
keys:
|
keys:
|
||||||
# after updating this, you will need to `sops updatekeys secrets.file` for any files that need the new key(s)
|
# list any public keys here
|
||||||
- &daniel age1stdue5q5teskee057ced6rh9pzzr93xsy66w4sc3zu49rgxl7cjshztt45 # pass age-key | rg '# pub'
|
|
||||||
- &sshd-at-beefcake age1etv56f7kf78a55lxqtydrdd32dpmsjnxndf4u28qezxn6p7xt9esqvqdq7 # ssh beefcake "nix-shell -p ssh-to-age --run 'cat /etc/ssh/ssh_host_ed25519_key.pub | ssh-to-age'"
|
# pass age-key | rg '# pub'
|
||||||
|
- &daniel age1stdue5q5teskee057ced6rh9pzzr93xsy66w4sc3zu49rgxl7cjshztt45
|
||||||
|
|
||||||
|
# per-host keys can be derived from a target host's ssh keys like so:
|
||||||
|
# ssh host "nix shell nixpkgs#ssh-to-age -c $SHELL -c 'cat /etc/ssh/ssh_host_ed25519_key.pub | ssh-to-age'"
|
||||||
|
- &sshd-at-beefcake age1etv56f7kf78a55lxqtydrdd32dpmsjnxndf4u28qezxn6p7xt9esqvqdq7
|
||||||
|
- &sshd-at-router age1zd7c3g5d20shdftq8ghqm0r92488dg4pdp4gulur7ex3zx2yq35ssxawpn
|
||||||
|
- &sshd-at-dragon age1ez4why08hdx0qf940cjzs6ep4q5rk2gqq7lp99pe58fktpwv65esx4xrht
|
||||||
|
- &ssh-foxtrot age1njnet9ltjuxasqv3ckn67r5natke6xgd8wlx8psf64pyc4duvurqhedw80
|
||||||
|
|
||||||
|
# after updating this file, you may need to update the keys for any associated files like so:
|
||||||
|
# sops updatekeys secrets.file
|
||||||
|
|
||||||
creation_rules:
|
creation_rules:
|
||||||
- path_regex: secrets/[^/]+\.(ya?ml|json|env|ini)$
|
- path_regex: secrets/[^/]+\.(ya?ml|json|env|ini)$
|
||||||
key_groups:
|
key_groups:
|
||||||
|
@ -12,3 +24,18 @@ creation_rules:
|
||||||
- age:
|
- age:
|
||||||
- *daniel
|
- *daniel
|
||||||
- *sshd-at-beefcake
|
- *sshd-at-beefcake
|
||||||
|
- path_regex: secrets/router/[^/]+\.(ya?ml|json|env|ini)$
|
||||||
|
key_groups:
|
||||||
|
- age:
|
||||||
|
- *daniel
|
||||||
|
- *sshd-at-router
|
||||||
|
- path_regex: secrets/dragon/[^/]+\.(ya?ml|json|env|ini)$
|
||||||
|
key_groups:
|
||||||
|
- age:
|
||||||
|
- *daniel
|
||||||
|
- *sshd-at-dragon
|
||||||
|
- path_regex: secrets/foxtrot/[^/]+\.(ya?ml|json|env|ini)$
|
||||||
|
key_groups:
|
||||||
|
- age:
|
||||||
|
- *daniel
|
||||||
|
- *ssh-foxtrot
|
||||||
|
|
|
@ -6,10 +6,12 @@ in {
|
||||||
swapSize,
|
swapSize,
|
||||||
...
|
...
|
||||||
}: {
|
}: {
|
||||||
# this is my standard partitioning scheme for my machines which probably want hibernation capabilities
|
/*
|
||||||
# a UEFI-compatible boot partition
|
this is my standard partitioning scheme for my machines which probably want hibernation capabilities
|
||||||
# it includes an LUKS-encrypted btrfs volume
|
a UEFI-compatible boot partition
|
||||||
# a swap partition big enough to dump all the machine's RAM into
|
it includes an LUKS-encrypted btrfs volume
|
||||||
|
a swap partition big enough to dump all the machine's RAM into
|
||||||
|
*/
|
||||||
|
|
||||||
disko.devices = {
|
disko.devices = {
|
||||||
disk = {
|
disk = {
|
||||||
|
@ -195,9 +197,11 @@ in {
|
||||||
beefcake = let
|
beefcake = let
|
||||||
zpools = {
|
zpools = {
|
||||||
zroot = {
|
zroot = {
|
||||||
# TODO: at the time of writing, disko does not support draid6
|
/*
|
||||||
# so I'm building/managing the array manually for the time being
|
TODO: at the time of writing, disko does not support draid6
|
||||||
# the root pool is just a single disk right now
|
so I'm building/managing the array manually for the time being
|
||||||
|
the root pool is just a single disk right now
|
||||||
|
*/
|
||||||
name = "zroot";
|
name = "zroot";
|
||||||
config = {
|
config = {
|
||||||
type = "zpool";
|
type = "zpool";
|
||||||
|
@ -242,9 +246,11 @@ in {
|
||||||
keylocation = "file:///tmp/secret.key";
|
keylocation = "file:///tmp/secret.key";
|
||||||
};
|
};
|
||||||
# use this to read the key during boot
|
# use this to read the key during boot
|
||||||
# postCreateHook = ''
|
/*
|
||||||
# zfs set keylocation="prompt" "zroot/$name";
|
postCreateHook = ''
|
||||||
# '';
|
zfs set keylocation="prompt" "zroot/$name";
|
||||||
|
'';
|
||||||
|
*/
|
||||||
};
|
};
|
||||||
"encrypted/test" = {
|
"encrypted/test" = {
|
||||||
type = "zfs_fs";
|
type = "zfs_fs";
|
||||||
|
@ -254,9 +260,11 @@ in {
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
zstorage = {
|
zstorage = {
|
||||||
# PARITY_COUNT=3 NUM_DRIVES=8 HOT_SPARES=2 sudo -E zpool create -f -O mountpoint=none -O compression=on -O xattr=sa -O acltype=posixacl -o ashift=12 -O atime=off -O recordsize=64K zstorage draid{$PARITY_COUNT}:{$NUM_DRIVES}c:{$HOT_SPARES}s /dev/disk/by-id/scsi-35000039548cb637c /dev/disk/by-id/scsi-35000039548cb7c8c /dev/disk/by-id/scsi-35000039548cb85c8 /dev/disk/by-id/scsi-35000039548d9b504 /dev/disk/by-id/scsi-35000039548da2b08 /dev/disk/by-id/scsi-35000039548dad2fc /dev/disk/by-id/scsi-350000399384be921 /dev/disk/by-id/scsi-35000039548db096c
|
/*
|
||||||
# sudo zfs create -o mountpoint=legacy zstorage/nix
|
PARITY_COUNT=3 NUM_DRIVES=8 HOT_SPARES=2 sudo -E zpool create -f -O mountpoint=none -O compression=on -O xattr=sa -O acltype=posixacl -o ashift=12 -O atime=off -O recordsize=64K zstorage draid{$PARITY_COUNT}:{$NUM_DRIVES}c:{$HOT_SPARES}s /dev/disk/by-id/scsi-35000039548cb637c /dev/disk/by-id/scsi-35000039548cb7c8c /dev/disk/by-id/scsi-35000039548cb85c8 /dev/disk/by-id/scsi-35000039548d9b504 /dev/disk/by-id/scsi-35000039548da2b08 /dev/disk/by-id/scsi-35000039548dad2fc /dev/disk/by-id/scsi-350000399384be921 /dev/disk/by-id/scsi-35000039548db096c
|
||||||
# sudo zfs create -o canmount=on -o mountpoint=/storage zstorage/storage
|
sudo zfs create -o mountpoint=legacy zstorage/nix
|
||||||
|
sudo zfs create -o canmount=on -o mountpoint=/storage zstorage/storage
|
||||||
|
*/
|
||||||
name = "zstorage";
|
name = "zstorage";
|
||||||
config = {};
|
config = {};
|
||||||
};
|
};
|
||||||
|
|
170
flake.lock
170
flake.lock
|
@ -20,11 +20,11 @@
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1724850097,
|
"lastModified": 1725199881,
|
||||||
"narHash": "sha256-3BHxvFb3NJzch1X8puRMkVZujOoarQ1llu3ZcwuvsKU=",
|
"narHash": "sha256-jsmipf/u1GFZE5tBUkr56CHMN6VpUWCAjfLIhvQijU0=",
|
||||||
"owner": "hyprwm",
|
"owner": "hyprwm",
|
||||||
"repo": "aquamarine",
|
"repo": "aquamarine",
|
||||||
"rev": "23c7925dd31e79e8c06086ace3edb129a070ac01",
|
"rev": "f8a687dd29ff019657498f1bd14da2fbbf0e604b",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -61,11 +61,11 @@
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1724895876,
|
"lastModified": 1725377834,
|
||||||
"narHash": "sha256-GSqAwa00+vRuHbq9O/yRv7Ov7W/pcMLis3HmeHv8a+Q=",
|
"narHash": "sha256-tqoAO8oT6zEUDXte98cvA1saU9+1dLJQe3pMKLXv8ps=",
|
||||||
"owner": "nix-community",
|
"owner": "nix-community",
|
||||||
"repo": "disko",
|
"repo": "disko",
|
||||||
"rev": "511388d837178979de66d14ca4a2ebd5f7991cd3",
|
"rev": "e55f9a8678adc02024a4877c2a403e3f6daf24fe",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -170,11 +170,11 @@
|
||||||
"nixpkgs-stable": "nixpkgs-stable"
|
"nixpkgs-stable": "nixpkgs-stable"
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1724857454,
|
"lastModified": 1725513492,
|
||||||
"narHash": "sha256-Qyl9Q4QMTLZnnBb/8OuQ9LSkzWjBU1T5l5zIzTxkkhk=",
|
"narHash": "sha256-tyMUA6NgJSvvQuzB7A1Sf8+0XCHyfSPRx/b00o6K0uo=",
|
||||||
"owner": "cachix",
|
"owner": "cachix",
|
||||||
"repo": "git-hooks.nix",
|
"repo": "git-hooks.nix",
|
||||||
"rev": "4509ca64f1084e73bc7a721b20c669a8d4c5ebe6",
|
"rev": "7570de7b9b504cfe92025dd1be797bf546f66528",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -252,11 +252,11 @@
|
||||||
},
|
},
|
||||||
"hardware": {
|
"hardware": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1724878143,
|
"lastModified": 1725885300,
|
||||||
"narHash": "sha256-UjpKo92iZ25M05kgSOw/Ti6VZwpgdlOa73zHj8OcaDk=",
|
"narHash": "sha256-5RLEnou1/GJQl+Wd+Bxaj7QY7FFQ9wjnFq1VNEaxTmc=",
|
||||||
"owner": "nixos",
|
"owner": "nixos",
|
||||||
"repo": "nixos-hardware",
|
"repo": "nixos-hardware",
|
||||||
"rev": "95c3dfe6ef2e96ddc1ccdd7194e3cda02ca9a8ef",
|
"rev": "166dee4f88a7e3ba1b7a243edb1aca822f00680e",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -290,11 +290,11 @@
|
||||||
"rust-overlay": "rust-overlay"
|
"rust-overlay": "rust-overlay"
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1724856988,
|
"lastModified": 1725976743,
|
||||||
"narHash": "sha256-JBLe2CxAhG+J8+x8qmbzkGHNYmGcSiuY2QO4Zhb72lI=",
|
"narHash": "sha256-pLQQbiC9uO4lF58fAnlcDxlbsBB1XFWswsU1oZOIVqU=",
|
||||||
"owner": "helix-editor",
|
"owner": "helix-editor",
|
||||||
"repo": "helix",
|
"repo": "helix",
|
||||||
"rev": "1b5295a3f3d7cccd96eed5bfd394807a4dae87fc",
|
"rev": "237cbe4bca46eed52efed39ed75eb44aaccbdde3",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -311,11 +311,11 @@
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1720042825,
|
"lastModified": 1725703823,
|
||||||
"narHash": "sha256-A0vrUB6x82/jvf17qPCpxaM+ulJnD8YZwH9Ci0BsAzE=",
|
"narHash": "sha256-tDgM4d8mLK0Hd6YMB2w1BqMto1XBXADOzPEaLl10VI4=",
|
||||||
"owner": "nix-community",
|
"owner": "nix-community",
|
||||||
"repo": "home-manager",
|
"repo": "home-manager",
|
||||||
"rev": "e1391fb22e18a36f57e6999c7a9f966dc80ac073",
|
"rev": "208df2e558b73b6a1f0faec98493cb59a25f62ba",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -332,11 +332,11 @@
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1724435763,
|
"lastModified": 1725948275,
|
||||||
"narHash": "sha256-UNky3lJNGQtUEXT2OY8gMxejakSWPTfWKvpFkpFlAfM=",
|
"narHash": "sha256-4QOPemDQ9VRLQaAdWuvdDBhh+lEUOAnSMHhdr4nS1mk=",
|
||||||
"owner": "nix-community",
|
"owner": "nix-community",
|
||||||
"repo": "home-manager",
|
"repo": "home-manager",
|
||||||
"rev": "c2cd2a52e02f1dfa1c88f95abeb89298d46023be",
|
"rev": "e5fa72bad0c6f533e8d558182529ee2acc9454fe",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -386,11 +386,11 @@
|
||||||
"xdph": "xdph"
|
"xdph": "xdph"
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1724938863,
|
"lastModified": 1726132501,
|
||||||
"narHash": "sha256-CxVxeKpXWm5Jl5wkJFwDnmU/EhJ95/NPiTGKdjrpaLM=",
|
"narHash": "sha256-mFSCZCvUZJX51V7F2NA3uAj5iaCzsDWhBXMNDz0PhH0=",
|
||||||
"owner": "hyprwm",
|
"owner": "hyprwm",
|
||||||
"repo": "Hyprland",
|
"repo": "Hyprland",
|
||||||
"rev": "92a0dd164e9cc74060b63abae67b0204b6b6074c",
|
"rev": "73b9756b8d7ee06fc1c9f072f2a41f2dd1aeb2c9",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -442,11 +442,11 @@
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1724174162,
|
"lastModified": 1725188252,
|
||||||
"narHash": "sha256-fOOBLwil6M9QWMCiSULwjMQzrXhHXUnEqmjHX5ZHeVI=",
|
"narHash": "sha256-yBH8c4GDaEAtBrh+BqIlrx5vp6gG/Gu8fQQK63KAQgs=",
|
||||||
"owner": "hyprwm",
|
"owner": "hyprwm",
|
||||||
"repo": "hyprlang",
|
"repo": "hyprlang",
|
||||||
"rev": "16e5c9465f04477d8a3dd48a0a26bf437986336c",
|
"rev": "c12ab785ce1982f82594aff03b3104c598186ddd",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -467,11 +467,11 @@
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1724863980,
|
"lastModified": 1724966483,
|
||||||
"narHash": "sha256-7Ke9wFRYPUIXwm5ZndGHkWBKj6BsFTkSEXUNXQRHE54=",
|
"narHash": "sha256-WXDgKIbzjYKczxSZOsJplCS1i1yrTUpsDPuJV/xpYLo=",
|
||||||
"owner": "hyprwm",
|
"owner": "hyprwm",
|
||||||
"repo": "hyprutils",
|
"repo": "hyprutils",
|
||||||
"rev": "aadf9a27dddd2272ca354ba5a22a0c2d1f919039",
|
"rev": "8976e3f6a5357da953a09511d0c7f6a890fb6ec2",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -505,6 +505,28 @@
|
||||||
"type": "github"
|
"type": "github"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
|
"jovian": {
|
||||||
|
"inputs": {
|
||||||
|
"nix-github-actions": "nix-github-actions",
|
||||||
|
"nixpkgs": [
|
||||||
|
"nixpkgs-unstable"
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1728974938,
|
||||||
|
"narHash": "sha256-pTPEx6WlM+nJVGrRUGx7Di4ljZMwE9HfvlZ6f3NzNfo=",
|
||||||
|
"owner": "Jovian-Experiments",
|
||||||
|
"repo": "Jovian-NixOS",
|
||||||
|
"rev": "23170582b0658e6afd913149a58863af3a57b376",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "Jovian-Experiments",
|
||||||
|
"ref": "development",
|
||||||
|
"repo": "Jovian-NixOS",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
"libpng": {
|
"libpng": {
|
||||||
"flake": false,
|
"flake": false,
|
||||||
"locked": {
|
"locked": {
|
||||||
|
@ -522,6 +544,44 @@
|
||||||
"type": "github"
|
"type": "github"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
|
"mobile-nixos": {
|
||||||
|
"flake": false,
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1728423157,
|
||||||
|
"narHash": "sha256-pJaC+Aef6oixhV6HdWPS2Pq/TgHxEN+MPLYUjighWYI=",
|
||||||
|
"owner": "lytedev",
|
||||||
|
"repo": "mobile-nixos",
|
||||||
|
"rev": "b2c496bbcebc85a28d1d939b56bd331536bd1ac4",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "lytedev",
|
||||||
|
"repo": "mobile-nixos",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"nix-github-actions": {
|
||||||
|
"inputs": {
|
||||||
|
"nixpkgs": [
|
||||||
|
"jovian",
|
||||||
|
"nixpkgs"
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1690328911,
|
||||||
|
"narHash": "sha256-fxtExYk+aGf2YbjeWQ8JY9/n9dwuEt+ma1eUFzF8Jeo=",
|
||||||
|
"owner": "zhaofengli",
|
||||||
|
"repo": "nix-github-actions",
|
||||||
|
"rev": "96df4a39c52f53cb7098b923224d8ce941b64747",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "zhaofengli",
|
||||||
|
"ref": "matrix-name",
|
||||||
|
"repo": "nix-github-actions",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
"nixpkgs": {
|
"nixpkgs": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1709479366,
|
"lastModified": 1709479366,
|
||||||
|
@ -572,11 +632,11 @@
|
||||||
},
|
},
|
||||||
"nixpkgs-unstable": {
|
"nixpkgs-unstable": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1724999960,
|
"lastModified": 1725910328,
|
||||||
"narHash": "sha256-LB3jqSGW5u1ZcUcX6vO/qBOq5oXHlmOCxsTXGMEitp4=",
|
"narHash": "sha256-n9pCtzGZ0httmTwMuEbi5E78UQ4ZbQMr1pzi5N0LAG8=",
|
||||||
"owner": "nixos",
|
"owner": "nixos",
|
||||||
"repo": "nixpkgs",
|
"repo": "nixpkgs",
|
||||||
"rev": "b96f849e725333eb2b1c7f1cb84ff102062468ba",
|
"rev": "5775c2583f1801df7b790bf7f7d710a19bac66f4",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -588,11 +648,11 @@
|
||||||
},
|
},
|
||||||
"nixpkgs_2": {
|
"nixpkgs_2": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1724819573,
|
"lastModified": 1725103162,
|
||||||
"narHash": "sha256-GnR7/ibgIH1vhoy8cYdmXE6iyZqKqFxQSVkFgosBh6w=",
|
"narHash": "sha256-Ym04C5+qovuQDYL/rKWSR+WESseQBbNAe5DsXNx5trY=",
|
||||||
"owner": "NixOS",
|
"owner": "NixOS",
|
||||||
"repo": "nixpkgs",
|
"repo": "nixpkgs",
|
||||||
"rev": "71e91c409d1e654808b2621f28a327acfdad8dc2",
|
"rev": "12228ff1752d7b7624a54e9c1af4b222b3c1073b",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -604,11 +664,11 @@
|
||||||
},
|
},
|
||||||
"nixpkgs_3": {
|
"nixpkgs_3": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1724727824,
|
"lastModified": 1725826545,
|
||||||
"narHash": "sha256-0XH9MJk54imJm+RHOLTUJ7e+ponLW00tw5ke4MTVa1Y=",
|
"narHash": "sha256-L64N1rpLlXdc94H+F6scnrbuEu+utC03cDDVvvJGOME=",
|
||||||
"owner": "nixos",
|
"owner": "nixos",
|
||||||
"repo": "nixpkgs",
|
"repo": "nixpkgs",
|
||||||
"rev": "36bae45077667aff5720e5b3f1a5458f51cf0776",
|
"rev": "f4c846aee8e1e29062aa8514d5e0ab270f4ec2f9",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -627,6 +687,8 @@
|
||||||
"home-manager": "home-manager",
|
"home-manager": "home-manager",
|
||||||
"home-manager-unstable": "home-manager-unstable",
|
"home-manager-unstable": "home-manager-unstable",
|
||||||
"hyprland": "hyprland",
|
"hyprland": "hyprland",
|
||||||
|
"jovian": "jovian",
|
||||||
|
"mobile-nixos": "mobile-nixos",
|
||||||
"nixpkgs": "nixpkgs_3",
|
"nixpkgs": "nixpkgs_3",
|
||||||
"nixpkgs-unstable": "nixpkgs-unstable",
|
"nixpkgs-unstable": "nixpkgs-unstable",
|
||||||
"slippi": "slippi",
|
"slippi": "slippi",
|
||||||
|
@ -667,11 +729,11 @@
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1721441897,
|
"lastModified": 1726280639,
|
||||||
"narHash": "sha256-gYGX9/22tPNeF7dR6bWN5rsrpU4d06GnQNNgZ6ZiXz0=",
|
"narHash": "sha256-YfLRPlFZWrT2oRLNAoqf7G3+NnUTDdlIJk6tmBU7kXM=",
|
||||||
"owner": "oxalica",
|
"owner": "oxalica",
|
||||||
"repo": "rust-overlay",
|
"repo": "rust-overlay",
|
||||||
"rev": "b7996075da11a2d441cfbf4e77c2939ce51506fd",
|
"rev": "e9f8641c92f26fd1e076e705edb12147c384171d",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -691,11 +753,11 @@
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1722375582,
|
"lastModified": 1725647475,
|
||||||
"narHash": "sha256-NKUQoYIr+982vUXwlDGbBFY4259CX/mngVHYH4sjL8Y=",
|
"narHash": "sha256-1PaNuhxB+rhAcpBMwDZCUJpI7Lw0AJfzYot/S18hrXo=",
|
||||||
"owner": "lytedev",
|
"owner": "lytedev",
|
||||||
"repo": "slippi-nix",
|
"repo": "slippi-nix",
|
||||||
"rev": "ec418c0b7ed1191e227b2d821c02ee5b5fbe68f1",
|
"rev": "10eb5d58b9d9c0da276d48d1c12898ea53c89d2a",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -714,11 +776,11 @@
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1723501126,
|
"lastModified": 1725922448,
|
||||||
"narHash": "sha256-N9IcHgj/p1+2Pvk8P4Zc1bfrMwld5PcosVA0nL6IGdE=",
|
"narHash": "sha256-ruvh8tlEflRPifs5tlpa0gkttzq4UtgXkJQS7FusgFE=",
|
||||||
"owner": "Mic92",
|
"owner": "Mic92",
|
||||||
"repo": "sops-nix",
|
"repo": "sops-nix",
|
||||||
"rev": "be0eec2d27563590194a9206f551a6f73d52fa34",
|
"rev": "cede1a08039178ac12957733e97ab1006c6b6892",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -786,11 +848,11 @@
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"dir": "nix",
|
"dir": "nix",
|
||||||
"lastModified": 1723525023,
|
"lastModified": 1727585736,
|
||||||
"narHash": "sha256-ZsDJQSUokodwFMP4FIZm2dYojf5iC4F/EeKC5VuQlqY=",
|
"narHash": "sha256-vEkcyKdFpfWbrtZlB5DCjNCmI2GudIJuHstWo3F9gL8=",
|
||||||
"owner": "wez",
|
"owner": "wez",
|
||||||
"repo": "wezterm",
|
"repo": "wezterm",
|
||||||
"rev": "30345b36d8a00fed347e4df5dadd83915a7693fb",
|
"rev": "a2f2c07a29f5c98f6736cde0c86b24887f9fd48a",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -817,11 +879,11 @@
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1724073926,
|
"lastModified": 1725203932,
|
||||||
"narHash": "sha256-nWlUL43jOFHf+KW6Hqrx+W/r1XdXuDyb0wC/SrHsOu4=",
|
"narHash": "sha256-VLULC/OnI+6R9KEP2OIGk+uLJJsfRlaLouZ5gyFd2+Y=",
|
||||||
"owner": "hyprwm",
|
"owner": "hyprwm",
|
||||||
"repo": "xdg-desktop-portal-hyprland",
|
"repo": "xdg-desktop-portal-hyprland",
|
||||||
"rev": "a08ecbbf33598924e93542f737fc6169a26b481e",
|
"rev": "2425e8f541525fa7409d9f26a8ffaf92a3767251",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
|
295
flake.nix
295
flake.nix
|
@ -31,7 +31,15 @@
|
||||||
slippi.inputs.nixpkgs.follows = "nixpkgs-unstable";
|
slippi.inputs.nixpkgs.follows = "nixpkgs-unstable";
|
||||||
slippi.inputs.home-manager.follows = "home-manager-unstable";
|
slippi.inputs.home-manager.follows = "home-manager-unstable";
|
||||||
|
|
||||||
|
jovian.url = "github:Jovian-Experiments/Jovian-NixOS/development";
|
||||||
|
jovian.inputs.nixpkgs.follows = "nixpkgs-unstable";
|
||||||
|
|
||||||
# nnf.url = "github:thelegy/nixos-nftables-firewall?rev=71fc2b79358d0dbacde83c806a0f008ece567b7b";
|
# nnf.url = "github:thelegy/nixos-nftables-firewall?rev=71fc2b79358d0dbacde83c806a0f008ece567b7b";
|
||||||
|
|
||||||
|
mobile-nixos = {
|
||||||
|
url = "github:lytedev/mobile-nixos";
|
||||||
|
flake = false;
|
||||||
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
nixConfig = {
|
nixConfig = {
|
||||||
|
@ -41,7 +49,7 @@
|
||||||
"https://cache.nixos.org/"
|
"https://cache.nixos.org/"
|
||||||
"https://helix.cachix.org"
|
"https://helix.cachix.org"
|
||||||
"https://nix-community.cachix.org"
|
"https://nix-community.cachix.org"
|
||||||
# "https://nix.h.lyte.dev"
|
"https://nix.h.lyte.dev"
|
||||||
"https://hyprland.cachix.org"
|
"https://hyprland.cachix.org"
|
||||||
];
|
];
|
||||||
|
|
||||||
|
@ -66,6 +74,8 @@
|
||||||
home-manager-unstable,
|
home-manager-unstable,
|
||||||
helix,
|
helix,
|
||||||
hardware,
|
hardware,
|
||||||
|
jovian,
|
||||||
|
mobile-nixos,
|
||||||
# nnf,
|
# nnf,
|
||||||
# hyprland,
|
# hyprland,
|
||||||
slippi,
|
slippi,
|
||||||
|
@ -88,24 +98,30 @@
|
||||||
pkg = callee: overrides: genPkgs (pkgs: pkgs.callPackage callee overrides);
|
pkg = callee: overrides: genPkgs (pkgs: pkgs.callPackage callee overrides);
|
||||||
};
|
};
|
||||||
|
|
||||||
colors = (import ./lib/colors.nix {inherit (nixpkgs) lib;}).schemes.catppuccin-mocha-sapphire;
|
style = {
|
||||||
|
colors = (import ./lib/colors.nix {inherit (nixpkgs) lib;}).schemes.catppuccin-mocha-sapphire;
|
||||||
|
|
||||||
# font = {
|
font = {
|
||||||
# name = "IosevkaLyteTerm";
|
name = "IosevkaLyteTerm";
|
||||||
# size = 12;
|
size = 12;
|
||||||
# };
|
};
|
||||||
|
};
|
||||||
|
|
||||||
# moduleArgs = {
|
/*
|
||||||
# # inherit colors font;
|
moduleArgs = {
|
||||||
# inherit helix slippi hyprland hardware disko home-manager;
|
# inherit style;
|
||||||
# inherit (outputs) nixosModules homeManagerModules diskoConfigurations overlays;
|
inherit helix slippi hyprland hardware disko home-manager;
|
||||||
# };
|
inherit (outputs) nixosModules homeManagerModules diskoConfigurations overlays;
|
||||||
|
};
|
||||||
|
*/
|
||||||
|
|
||||||
pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAPLXOjupz3ScYjgrF+ehrbp9OvGAWQLI6fplX6w9Ijb daniel@lyte.dev";
|
pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAPLXOjupz3ScYjgrF+ehrbp9OvGAWQLI6fplX6w9Ijb daniel@lyte.dev";
|
||||||
in {
|
in {
|
||||||
# kind of a quirk, but package definitions are actually in the "additions"
|
/*
|
||||||
# overlay I did this to work around some recursion problems
|
kind of a quirk, but package definitions are actually in the "additions"
|
||||||
# TODO: https://discourse.nixos.org/t/infinite-recursion-getting-started-with-overlays/48880
|
overlay I did this to work around some recursion problems
|
||||||
|
TODO: https://discourse.nixos.org/t/infinite-recursion-getting-started-with-overlays/48880
|
||||||
|
*/
|
||||||
packages = genPkgs (pkgs: {inherit (pkgs) iosevkaLyteTerm iosevkaLyteTermSubset nix-base-container-image;});
|
packages = genPkgs (pkgs: {inherit (pkgs) iosevkaLyteTerm iosevkaLyteTermSubset nix-base-container-image;});
|
||||||
diskoConfigurations = import ./disko {inherit (nixpkgs) lib;};
|
diskoConfigurations = import ./disko {inherit (nixpkgs) lib;};
|
||||||
templates = import ./templates;
|
templates = import ./templates;
|
||||||
|
@ -219,10 +235,12 @@
|
||||||
in rec {
|
in rec {
|
||||||
helix = helix.outputs.packages.${prev.system}.helix;
|
helix = helix.outputs.packages.${prev.system}.helix;
|
||||||
final.helix = helix;
|
final.helix = helix;
|
||||||
# TODO: would love to use a current wezterm build so I can make use of ssh/mux functionality without breakage
|
/*
|
||||||
# source: https://github.com/wez/wezterm/issues/3771
|
TODO: would love to use a current wezterm build so I can make use of ssh/mux functionality without breakage
|
||||||
# not-yet-merged (abandoned?): https://github.com/wez/wezterm/pull/4737
|
source: https://github.com/wez/wezterm/issues/3771
|
||||||
# I did try using the latest code via the flake, but alas it did not resolve my issues with mux'ing
|
not-yet-merged (abandoned?): https://github.com/wez/wezterm/pull/4737
|
||||||
|
I did try using the latest code via the flake, but alas it did not resolve my issues with mux'ing
|
||||||
|
*/
|
||||||
wezterm = wezterm-input.outputs.packages.${prev.system}.default;
|
wezterm = wezterm-input.outputs.packages.${prev.system}.default;
|
||||||
final.wezterm = wezterm;
|
final.wezterm = wezterm;
|
||||||
};
|
};
|
||||||
|
@ -236,12 +254,12 @@
|
||||||
};
|
};
|
||||||
|
|
||||||
nixosModules = import ./modules/nixos {
|
nixosModules = import ./modules/nixos {
|
||||||
inherit home-manager home-manager-unstable helix nixosModules homeManagerModules pubkey overlays colors sops-nix disko;
|
inherit home-manager home-manager-unstable helix nixosModules homeManagerModules pubkey overlays style sops-nix disko;
|
||||||
flakeInputs = self.inputs;
|
flakeInputs = self.inputs;
|
||||||
};
|
};
|
||||||
|
|
||||||
homeManagerModules = import ./modules/home-manager {
|
homeManagerModules = import ./modules/home-manager {
|
||||||
inherit home-manager home-manager-unstable helix nixosModules homeManagerModules pubkey overlays colors;
|
inherit home-manager home-manager-unstable helix nixosModules homeManagerModules pubkey overlays style;
|
||||||
inherit (nixpkgs) lib;
|
inherit (nixpkgs) lib;
|
||||||
flakeInputs = self.inputs;
|
flakeInputs = self.inputs;
|
||||||
};
|
};
|
||||||
|
@ -266,9 +284,12 @@
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
||||||
|
family-users
|
||||||
common
|
common
|
||||||
podman
|
podman
|
||||||
troubleshooting-tools
|
troubleshooting-tools
|
||||||
|
virtual-machines
|
||||||
|
virtual-machines-gui
|
||||||
linux
|
linux
|
||||||
fonts
|
fonts
|
||||||
|
|
||||||
|
@ -289,10 +310,23 @@
|
||||||
password-manager
|
password-manager
|
||||||
wifi
|
wifi
|
||||||
graphical-workstation
|
graphical-workstation
|
||||||
|
virtual-machines
|
||||||
|
virtual-machines-gui
|
||||||
music-production
|
music-production
|
||||||
gaming
|
gaming
|
||||||
slippi.nixosModules.default
|
slippi.nixosModules.default
|
||||||
|
|
||||||
|
outputs.nixosModules.deno-netlify-ddns-client
|
||||||
|
|
||||||
|
{
|
||||||
|
services.deno-netlify-ddns-client = {
|
||||||
|
enable = true;
|
||||||
|
username = "dragon.h";
|
||||||
|
# TODO: router doesn't even do ipv6 yet...
|
||||||
|
ipv6 = false;
|
||||||
|
};
|
||||||
|
}
|
||||||
|
|
||||||
./nixos/dragon.nix
|
./nixos/dragon.nix
|
||||||
|
|
||||||
{
|
{
|
||||||
|
@ -344,10 +378,10 @@
|
||||||
home-manager-defaults
|
home-manager-defaults
|
||||||
|
|
||||||
hardware.nixosModules.common-pc-ssd
|
hardware.nixosModules.common-pc-ssd
|
||||||
|
|
||||||
common
|
common
|
||||||
gaming
|
gaming
|
||||||
graphical-workstation
|
graphical-workstation
|
||||||
|
plasma6
|
||||||
|
|
||||||
./nixos/htpc.nix
|
./nixos/htpc.nix
|
||||||
|
|
||||||
|
@ -361,6 +395,37 @@
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
|
|
||||||
|
steamdeck1 = nixpkgs-unstable.lib.nixosSystem {
|
||||||
|
system = "x86_64-linux";
|
||||||
|
modules = with nixosModules; [
|
||||||
|
home-manager-unstable-defaults
|
||||||
|
|
||||||
|
outputs.diskoConfigurations.standard
|
||||||
|
hardware.nixosModules.common-pc-ssd
|
||||||
|
common
|
||||||
|
gaming
|
||||||
|
graphical-workstation
|
||||||
|
plasma6
|
||||||
|
|
||||||
|
jovian.outputs.nixosModules.jovian
|
||||||
|
|
||||||
|
{
|
||||||
|
networking.hostName = "steamdeck1";
|
||||||
|
boot.loader.systemd-boot.enable = true;
|
||||||
|
boot.loader.efi.canTouchEfiVariables = true;
|
||||||
|
hardware.bluetooth.enable = true;
|
||||||
|
networking.networkmanager.enable = true;
|
||||||
|
|
||||||
|
home-manager.users.daniel = {
|
||||||
|
imports = with homeManagerModules; [
|
||||||
|
firefox-no-tabs
|
||||||
|
linux-desktop-environment-config
|
||||||
|
];
|
||||||
|
};
|
||||||
|
}
|
||||||
|
];
|
||||||
|
};
|
||||||
|
|
||||||
foxtrot = nixpkgs-unstable.lib.nixosSystem {
|
foxtrot = nixpkgs-unstable.lib.nixosSystem {
|
||||||
system = "x86_64-linux";
|
system = "x86_64-linux";
|
||||||
modules = with nixosModules; [
|
modules = with nixosModules; [
|
||||||
|
@ -370,10 +435,14 @@
|
||||||
hardware.nixosModules.framework-13-7040-amd
|
hardware.nixosModules.framework-13-7040-amd
|
||||||
|
|
||||||
common
|
common
|
||||||
|
kde-connect
|
||||||
password-manager
|
password-manager
|
||||||
graphical-workstation
|
graphical-workstation
|
||||||
|
virtual-machines
|
||||||
|
virtual-machines-gui
|
||||||
laptop
|
laptop
|
||||||
gaming
|
gaming
|
||||||
|
cross-compiler
|
||||||
|
|
||||||
./nixos/foxtrot.nix
|
./nixos/foxtrot.nix
|
||||||
|
|
||||||
|
@ -398,6 +467,24 @@
|
||||||
modprobe -v mt7921e
|
modprobe -v mt7921e
|
||||||
'';
|
'';
|
||||||
})
|
})
|
||||||
|
(writeShellApplication
|
||||||
|
{
|
||||||
|
name = "perfmode";
|
||||||
|
# we use command -v $cmd here because we only want to invoke these calls _if_ the related package is installed on the system
|
||||||
|
# otherwise, they will likely have no effect anyways
|
||||||
|
text = ''
|
||||||
|
command -v powerprofilesctl &>/dev/null && bash -x -c 'powerprofilesctl set performance'
|
||||||
|
command -v swaymsg &>/dev/null && bash -x -c 'swaymsg output eDP-1 mode 2880x1920@120Hz'
|
||||||
|
'';
|
||||||
|
})
|
||||||
|
(writeShellApplication
|
||||||
|
{
|
||||||
|
name = "battmode";
|
||||||
|
text = ''
|
||||||
|
command -v powerprofilesctl &>/dev/null && bash -x -c 'powerprofilesctl set power-saver'
|
||||||
|
command -v swaymsg &>/dev/null && bash -x -c 'swaymsg output eDP-1 mode 2880x1920@60Hz'
|
||||||
|
'';
|
||||||
|
})
|
||||||
];
|
];
|
||||||
})
|
})
|
||||||
];
|
];
|
||||||
|
@ -434,33 +521,35 @@
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
|
|
||||||
# grablet = nixpkgs.lib.nixosSystem {
|
/*
|
||||||
# system = "x86_64-linux";
|
grablet = nixpkgs.lib.nixosSystem {
|
||||||
# modules = with nixosModules; [
|
system = "x86_64-linux";
|
||||||
# common
|
modules = with nixosModules; [
|
||||||
|
common
|
||||||
|
|
||||||
# outputs.diskoConfigurations.standard
|
outputs.diskoConfigurations.standard
|
||||||
# hardware.nixosModules.common-cpu-intel-kaby-lake
|
hardware.nixosModules.common-cpu-intel-kaby-lake
|
||||||
# hardware.nixosModules.common-pc-laptopp-ssd
|
hardware.nixosModules.common-pc-laptopp-ssd
|
||||||
# graphical-workstation
|
graphical-workstation
|
||||||
# laptop
|
laptop
|
||||||
# gaming
|
gaming
|
||||||
|
|
||||||
# ./nixos/thablet.nix
|
./nixos/thablet.nix
|
||||||
|
|
||||||
# {
|
{
|
||||||
# home-manager.users.daniel = {
|
home-manager.users.daniel = {
|
||||||
# imports = with homeManagerModules; [
|
imports = with homeManagerModules; [
|
||||||
# iex
|
iex
|
||||||
# cargo
|
cargo
|
||||||
# linux-desktop-environment-config
|
linux-desktop-environment-config
|
||||||
# ];
|
];
|
||||||
# };
|
};
|
||||||
|
|
||||||
# powerManagement.cpuFreqGovernor = lib.mkDefault "performance";
|
powerManagement.cpuFreqGovernor = lib.mkDefault "performance";
|
||||||
# }
|
}
|
||||||
# ];
|
];
|
||||||
# };
|
};
|
||||||
|
*/
|
||||||
|
|
||||||
thinker = nixpkgs-unstable.lib.nixosSystem {
|
thinker = nixpkgs-unstable.lib.nixosSystem {
|
||||||
system = "x86_64-linux";
|
system = "x86_64-linux";
|
||||||
|
@ -558,17 +647,117 @@
|
||||||
linux
|
linux
|
||||||
troubleshooting-tools
|
troubleshooting-tools
|
||||||
|
|
||||||
# NOTE: maybe use this someday, but I think I need more concrete
|
outputs.nixosModules.deno-netlify-ddns-client
|
||||||
# networking knowledge before I know how to use it well. Additionally,
|
|
||||||
# I can use my existing firewall configuration more easily if I manage
|
{
|
||||||
# it directly.
|
services.deno-netlify-ddns-client = {
|
||||||
# nnf.nixosModules.default
|
enable = true;
|
||||||
|
username = "router.h";
|
||||||
|
# TODO: ipv6
|
||||||
|
ipv6 = false;
|
||||||
|
};
|
||||||
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
|
NOTE: maybe use this someday, but I think I need more concrete
|
||||||
|
networking knowledge before I know how to use it well. Additionally,
|
||||||
|
I can use my existing firewall configuration more easily if I manage
|
||||||
|
it directly.
|
||||||
|
nnf.nixosModules.default
|
||||||
|
*/
|
||||||
|
|
||||||
./nixos/router.nix
|
./nixos/router.nix
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
|
|
||||||
|
# pinephone-image =
|
||||||
|
# (import "${mobile-nixos}/lib/eval-with-configuration.nix" {
|
||||||
|
# configuration = with nixosModules; [
|
||||||
|
# linux
|
||||||
|
# home-manager-defaults
|
||||||
|
|
||||||
|
# # outputs.diskoConfigurations.unencrypted # can I even disko with an image-based installation?
|
||||||
|
# common
|
||||||
|
# wifi
|
||||||
|
|
||||||
|
# # TODO: how do I get a minimally useful mobile environment?
|
||||||
|
# # for me, this means an on-screen keyboard and suspend support I think?
|
||||||
|
# # I can live in a tty if needed and graphical stuff can all evolve later
|
||||||
|
# # not worried about modem
|
||||||
|
# # maybe/hopefully I can pull in or define my own sxmo via nix?
|
||||||
|
# ];
|
||||||
|
# device = "pine64-pinephone";
|
||||||
|
# pkgs = pkgsFor "aarch64-linux";
|
||||||
|
# })
|
||||||
|
# .outputs
|
||||||
|
# .disk-image;
|
||||||
|
|
||||||
|
pinephone = let
|
||||||
|
inherit (nixpkgs-unstable) lib;
|
||||||
|
in
|
||||||
|
lib.nixosSystem {
|
||||||
|
system = "aarch64-linux";
|
||||||
|
# lib.nixosSystem {
|
||||||
|
|
||||||
|
modules = with nixosModules; [
|
||||||
|
{
|
||||||
|
imports = [
|
||||||
|
(import "${mobile-nixos}/lib/configuration.nix" {
|
||||||
|
device = "pine64-pinephone";
|
||||||
|
})
|
||||||
|
];
|
||||||
|
|
||||||
|
# nixpkgs.hostPlatform.system = "aarch64-linux";
|
||||||
|
nixpkgs.buildPlatform = "x86_64-linux";
|
||||||
|
|
||||||
|
# TODO: quirk: since the pinephone kernel doesn't seem to have "rpfilter" support, firewall ain't working
|
||||||
|
networking.firewall.enable = lib.mkForce false;
|
||||||
|
|
||||||
|
# TODO: quirk: since git send-email requires perl support, which we don't seem to have on the pinephone, we're just disabling git for now
|
||||||
|
# TODO: would likely be easier/better to somehow ignore the assertion? probably a way to do that...
|
||||||
|
programs.git.enable = lib.mkForce false;
|
||||||
|
|
||||||
|
# this option is conflicted, presumably due to some assumption in my defaults/common config
|
||||||
|
# the sd-image module we're importing above has this set to true, so we better go with that?
|
||||||
|
# that said, I think the mobile-nixos bootloader module has this set to false, so...
|
||||||
|
# TODO: what does this mean?
|
||||||
|
boot.loader.generic-extlinux-compatible.enable = lib.mkForce true;
|
||||||
|
|
||||||
|
# another conflicting option since I think I default to NetworkManager and this conflicts with networking.wireless.enable
|
||||||
|
networking.networkmanager.enable = lib.mkForce false;
|
||||||
|
networking.wireless.enable = lib.mkForce true;
|
||||||
|
}
|
||||||
|
|
||||||
|
# TODO: how do I build this as a .img to flash to an SD card?
|
||||||
|
|
||||||
|
# for testing, this seems to work `nixos-rebuild build --impure --flake .#pinephone`
|
||||||
|
|
||||||
|
# TODO: would like to use the mobile-nixos installer?
|
||||||
|
"${nixpkgs-unstable}/nixos/modules/installer/sd-card/sd-image-aarch64-installer.nix"
|
||||||
|
|
||||||
|
linux
|
||||||
|
home-manager-unstable-defaults
|
||||||
|
|
||||||
|
# outputs.diskoConfigurations.unencrypted # can I even disko with an image-based installation?
|
||||||
|
common
|
||||||
|
wifi
|
||||||
|
|
||||||
|
{
|
||||||
|
system.stateVersion = "24.11";
|
||||||
|
}
|
||||||
|
|
||||||
|
{
|
||||||
|
# nixpkgs.buildPlatform = "x86_64-linux";
|
||||||
|
# nixpkgs.hostPlatform = lib.systems.examples.aarch64-multiplatform;
|
||||||
|
# nixpkgs.localSystem.system = lib.systems.examples.x86_64-linux;
|
||||||
|
# nixpkgs.crossSystem = lib.mkForce null;
|
||||||
|
}
|
||||||
|
];
|
||||||
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
|
images.pinephone = outputs.nixosConfigurations.pinephone.config.system.build.sdImage;
|
||||||
|
|
||||||
homeConfigurations = {
|
homeConfigurations = {
|
||||||
"deck" = let
|
"deck" = let
|
||||||
system = "x86_64-linux";
|
system = "x86_64-linux";
|
||||||
|
@ -596,8 +785,10 @@
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
# TODO: nix-on-droid for phone terminal usage?
|
/*
|
||||||
# TODO: nix-darwin for work?
|
TODO: nix-on-droid for phone terminal usage? mobile-nixos?
|
||||||
# TODO: nixos ISO?
|
TODO: nix-darwin for work?
|
||||||
|
TODO: nixos ISO?
|
||||||
|
*/
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,5 +1,5 @@
|
||||||
{
|
{
|
||||||
colors,
|
style,
|
||||||
lib,
|
lib,
|
||||||
flakeInputs,
|
flakeInputs,
|
||||||
homeManagerModules,
|
homeManagerModules,
|
||||||
|
@ -16,16 +16,18 @@
|
||||||
config = {
|
config = {
|
||||||
theme = "ansi";
|
theme = "ansi";
|
||||||
};
|
};
|
||||||
# themes = {
|
/*
|
||||||
# "Catppuccin-mocha" = builtins.readFile (pkgs.fetchFromGitHub
|
themes = {
|
||||||
# {
|
"Catppuccin-mocha" = builtins.readFile (pkgs.fetchFromGitHub
|
||||||
# owner = "catppuccin";
|
{
|
||||||
# repo = "bat";
|
owner = "catppuccin";
|
||||||
# rev = "477622171ec0529505b0ca3cada68fc9433648c6";
|
repo = "bat";
|
||||||
# sha256 = "6WVKQErGdaqb++oaXnY3i6/GuH2FhTgK0v4TN4Y0Wbw=";
|
rev = "477622171ec0529505b0ca3cada68fc9433648c6";
|
||||||
# }
|
sha256 = "6WVKQErGdaqb++oaXnY3i6/GuH2FhTgK0v4TN4Y0Wbw=";
|
||||||
# + "/Catppuccin-mocha.tmTheme");
|
}
|
||||||
# };
|
+ "/Catppuccin-mocha.tmTheme");
|
||||||
|
};
|
||||||
|
*/
|
||||||
};
|
};
|
||||||
|
|
||||||
home.shellAliases = {
|
home.shellAliases = {
|
||||||
|
@ -38,8 +40,10 @@
|
||||||
emacs = {pkgs, ...}: {
|
emacs = {pkgs, ...}: {
|
||||||
programs.emacs = {
|
programs.emacs = {
|
||||||
enable = true;
|
enable = true;
|
||||||
# extraConfig = ''
|
/*
|
||||||
# '';
|
extraConfig = ''
|
||||||
|
'';
|
||||||
|
*/
|
||||||
extraPackages = epkgs: (with epkgs; [
|
extraPackages = epkgs: (with epkgs; [
|
||||||
magit
|
magit
|
||||||
]);
|
]);
|
||||||
|
@ -61,9 +65,11 @@
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
|
|
||||||
# home.sessionVariables = {
|
/*
|
||||||
# RUSTDOCFLAGS = "--default-theme=ayu";
|
home.sessionVariables = {
|
||||||
# };
|
RUSTDOCFLAGS = "--default-theme=ayu";
|
||||||
|
};
|
||||||
|
*/
|
||||||
};
|
};
|
||||||
|
|
||||||
common = {
|
common = {
|
||||||
|
@ -79,10 +85,13 @@
|
||||||
homeManagerModules.helix
|
homeManagerModules.helix
|
||||||
git
|
git
|
||||||
zellij
|
zellij
|
||||||
# broot
|
|
||||||
# nnn
|
|
||||||
htop
|
htop
|
||||||
# tmux
|
|
||||||
|
/*
|
||||||
|
broot
|
||||||
|
nnn
|
||||||
|
tmux
|
||||||
|
*/
|
||||||
];
|
];
|
||||||
|
|
||||||
programs.home-manager.enable = true;
|
programs.home-manager.enable = true;
|
||||||
|
@ -158,10 +167,12 @@
|
||||||
programs.fzf = {
|
programs.fzf = {
|
||||||
# using good ol' fzf until skim sucks less out of the box I guess
|
# using good ol' fzf until skim sucks less out of the box I guess
|
||||||
enable = true;
|
enable = true;
|
||||||
# enableFishIntegration = true;
|
/*
|
||||||
# defaultCommand = "fd --type f";
|
enableFishIntegration = true;
|
||||||
# defaultOptions = ["--height 40%"];
|
defaultCommand = "fd --type f";
|
||||||
# fileWidgetOptions = ["--preview 'head {}'"];
|
defaultOptions = ["--height 40%"];
|
||||||
|
fileWidgetOptions = ["--preview 'head {}'"];
|
||||||
|
*/
|
||||||
};
|
};
|
||||||
|
|
||||||
# TODO: regular cron or something?
|
# TODO: regular cron or something?
|
||||||
|
@ -184,8 +195,10 @@
|
||||||
|
|
||||||
firefox = {pkgs, ...}: {
|
firefox = {pkgs, ...}: {
|
||||||
programs.firefox = {
|
programs.firefox = {
|
||||||
# TODO: this should be able to work on macos, no?
|
/*
|
||||||
# TODO: enable dark theme by default
|
TODO: this should be able to work on macos, no?
|
||||||
|
TODO: enable color scheme/theme by default
|
||||||
|
*/
|
||||||
enable = true;
|
enable = true;
|
||||||
|
|
||||||
# TODO: uses nixpkgs.pass so pass otp doesn't work
|
# TODO: uses nixpkgs.pass so pass otp doesn't work
|
||||||
|
@ -196,9 +209,11 @@
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
|
|
||||||
# extensions = with pkgs.nur.repos.rycee.firefox-addons; [
|
/*
|
||||||
# ublock-origin
|
extensions = with pkgs.nur.repos.rycee.firefox-addons; [
|
||||||
# ]; # TODO: would be nice to have _all_ my firefox stuff managed here instead of Firefox Sync maybe?
|
ublock-origin
|
||||||
|
]; # TODO: would be nice to have _all_ my firefox stuff managed here instead of Firefox Sync maybe?
|
||||||
|
*/
|
||||||
|
|
||||||
profiles = {
|
profiles = {
|
||||||
daniel = {
|
daniel = {
|
||||||
|
@ -221,8 +236,10 @@
|
||||||
}
|
}
|
||||||
'';
|
'';
|
||||||
|
|
||||||
# userContent = ''
|
/*
|
||||||
# '';
|
userContent = ''
|
||||||
|
'';
|
||||||
|
*/
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
@ -360,10 +377,12 @@
|
||||||
enable = true;
|
enable = true;
|
||||||
};
|
};
|
||||||
|
|
||||||
# signing = {
|
/*
|
||||||
# signByDefault = false;
|
signing = {
|
||||||
# key = ~/.ssh/personal-ed25519;
|
signByDefault = false;
|
||||||
# };
|
key = ~/.ssh/personal-ed25519;
|
||||||
|
};
|
||||||
|
*/
|
||||||
|
|
||||||
aliases = {
|
aliases = {
|
||||||
a = "add -A";
|
a = "add -A";
|
||||||
|
@ -487,11 +506,13 @@
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
|
|
||||||
# NOTE: Currently, helix crashes when editing markdown in certain scenarios,
|
/*
|
||||||
# presumably due to an old markdown treesitter grammar
|
NOTE: Currently, helix crashes when editing markdown in certain scenarios,
|
||||||
# https://github.com/helix-editor/helix/issues/9011
|
presumably due to an old markdown treesitter grammar
|
||||||
# https://github.com/helix-editor/helix/issues/8821
|
https://github.com/helix-editor/helix/issues/9011
|
||||||
# https://github.com/tree-sitter-grammars/tree-sitter-markdown/issues/114
|
https://github.com/helix-editor/helix/issues/8821
|
||||||
|
https://github.com/tree-sitter-grammars/tree-sitter-markdown/issues/114
|
||||||
|
*/
|
||||||
|
|
||||||
programs.helix = {
|
programs.helix = {
|
||||||
enable = true;
|
enable = true;
|
||||||
|
@ -503,41 +524,45 @@
|
||||||
args = ["start"];
|
args = ["start"];
|
||||||
};
|
};
|
||||||
|
|
||||||
# next-ls = {
|
/*
|
||||||
# command = "next-ls";
|
next-ls = {
|
||||||
# args = ["--stdout"];
|
command = "next-ls";
|
||||||
# };
|
args = ["--stdout"];
|
||||||
|
};
|
||||||
|
|
||||||
# deno = {
|
deno = {
|
||||||
# command = "deno";
|
command = "deno";
|
||||||
# args = ["lsp"];
|
args = ["lsp"];
|
||||||
# config = {
|
config = {
|
||||||
# enable = true;
|
enable = true;
|
||||||
# lint = true;
|
lint = true;
|
||||||
# unstable = true;
|
unstable = true;
|
||||||
# };
|
};
|
||||||
# };
|
};
|
||||||
|
*/
|
||||||
};
|
};
|
||||||
|
|
||||||
language = [
|
language = [
|
||||||
# {
|
/*
|
||||||
# name = "heex";
|
{
|
||||||
# scope = "source.heex";
|
name = "heex";
|
||||||
# injection-regex = "heex";
|
scope = "source.heex";
|
||||||
# language-servers = ["lexical"]; # "lexical" "next-ls" ?
|
injection-regex = "heex";
|
||||||
# auto-format = true;
|
language-servers = ["lexical"]; # "lexical" "next-ls" ?
|
||||||
# file-types = ["heex"];
|
auto-format = true;
|
||||||
# roots = ["mix.exs" "mix.lock"];
|
file-types = ["heex"];
|
||||||
# indent = {
|
roots = ["mix.exs" "mix.lock"];
|
||||||
# tab-width = 2;
|
indent = {
|
||||||
# unit = " ";
|
tab-width = 2;
|
||||||
# };
|
unit = " ";
|
||||||
# }
|
};
|
||||||
# {
|
}
|
||||||
# name = "elixir";
|
{
|
||||||
# language-servers = ["lexical"]; # "lexical" "next-ls" ?
|
name = "elixir";
|
||||||
# auto-format = true;
|
language-servers = ["lexical"]; # "lexical" "next-ls" ?
|
||||||
# }
|
auto-format = true;
|
||||||
|
}
|
||||||
|
*/
|
||||||
{
|
{
|
||||||
name = "rust";
|
name = "rust";
|
||||||
|
|
||||||
|
@ -596,65 +621,67 @@
|
||||||
auto-format = true;
|
auto-format = true;
|
||||||
}
|
}
|
||||||
|
|
||||||
# {
|
/*
|
||||||
# name = "javascript";
|
{
|
||||||
# language-id = "javascript";
|
name = "javascript";
|
||||||
# grammar = "javascript";
|
language-id = "javascript";
|
||||||
# scope = "source.js";
|
grammar = "javascript";
|
||||||
# injection-regex = "^(js|javascript)$";
|
scope = "source.js";
|
||||||
# file-types = ["js" "mjs"];
|
injection-regex = "^(js|javascript)$";
|
||||||
# shebangs = ["deno"];
|
file-types = ["js" "mjs"];
|
||||||
# language-servers = ["deno"];
|
shebangs = ["deno"];
|
||||||
# roots = ["deno.jsonc" "deno.json"];
|
language-servers = ["deno"];
|
||||||
# formatter = {
|
roots = ["deno.jsonc" "deno.json"];
|
||||||
# command = "deno";
|
formatter = {
|
||||||
# args = ["fmt"];
|
command = "deno";
|
||||||
# };
|
args = ["fmt"];
|
||||||
# auto-format = true;
|
};
|
||||||
# comment-token = "//";
|
auto-format = true;
|
||||||
# indent = {
|
comment-token = "//";
|
||||||
# tab-width = 2;
|
indent = {
|
||||||
# unit = "\t";
|
tab-width = 2;
|
||||||
# };
|
unit = "\t";
|
||||||
# }
|
};
|
||||||
|
}
|
||||||
|
|
||||||
# {
|
{
|
||||||
# name = "typescript";
|
name = "typescript";
|
||||||
# language-id = "typescript";
|
language-id = "typescript";
|
||||||
# grammar = "typescript";
|
grammar = "typescript";
|
||||||
# scope = "source.ts";
|
scope = "source.ts";
|
||||||
# injection-regex = "^(ts|typescript)$";
|
injection-regex = "^(ts|typescript)$";
|
||||||
# file-types = ["ts"];
|
file-types = ["ts"];
|
||||||
# shebangs = ["deno"];
|
shebangs = ["deno"];
|
||||||
# language-servers = ["deno"];
|
language-servers = ["deno"];
|
||||||
# roots = ["deno.jsonc" "deno.json"];
|
roots = ["deno.jsonc" "deno.json"];
|
||||||
# formatter = {
|
formatter = {
|
||||||
# command = "deno";
|
command = "deno";
|
||||||
# args = ["fmt"];
|
args = ["fmt"];
|
||||||
# };
|
};
|
||||||
# auto-format = true;
|
auto-format = true;
|
||||||
# comment-token = "//";
|
comment-token = "//";
|
||||||
# indent = {
|
indent = {
|
||||||
# tab-width = 2;
|
tab-width = 2;
|
||||||
# unit = "\t";
|
unit = "\t";
|
||||||
# };
|
};
|
||||||
# }
|
}
|
||||||
|
|
||||||
# {
|
{
|
||||||
# name = "jsonc";
|
name = "jsonc";
|
||||||
# language-id = "json";
|
language-id = "json";
|
||||||
# grammar = "jsonc";
|
grammar = "jsonc";
|
||||||
# scope = "source.jsonc";
|
scope = "source.jsonc";
|
||||||
# injection-regex = "^(jsonc)$";
|
injection-regex = "^(jsonc)$";
|
||||||
# roots = ["deno.jsonc" "deno.json"];
|
roots = ["deno.jsonc" "deno.json"];
|
||||||
# file-types = ["jsonc"];
|
file-types = ["jsonc"];
|
||||||
# language-servers = ["deno"];
|
language-servers = ["deno"];
|
||||||
# indent = {
|
indent = {
|
||||||
# tab-width = 2;
|
tab-width = 2;
|
||||||
# unit = " ";
|
unit = " ";
|
||||||
# };
|
};
|
||||||
# auto-format = true;
|
auto-format = true;
|
||||||
# }
|
}
|
||||||
|
*/
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
|
|
||||||
|
@ -664,14 +691,17 @@
|
||||||
editor = {
|
editor = {
|
||||||
soft-wrap.enable = true;
|
soft-wrap.enable = true;
|
||||||
auto-pairs = false;
|
auto-pairs = false;
|
||||||
# auto-save = false;
|
|
||||||
# completion-trigger-len = 1;
|
|
||||||
# color-modes = false;
|
|
||||||
bufferline = "multiple";
|
bufferline = "multiple";
|
||||||
# scrolloff = 8;
|
|
||||||
rulers = [81 121];
|
rulers = [81 121];
|
||||||
cursorline = true;
|
cursorline = true;
|
||||||
|
|
||||||
|
/*
|
||||||
|
auto-save = false;
|
||||||
|
completion-trigger-len = 1;
|
||||||
|
color-modes = false;
|
||||||
|
scrolloff = 8;
|
||||||
|
*/
|
||||||
|
|
||||||
inline-diagnostics = {
|
inline-diagnostics = {
|
||||||
cursor-line = "hint";
|
cursor-line = "hint";
|
||||||
other-lines = "error";
|
other-lines = "error";
|
||||||
|
@ -703,18 +733,21 @@
|
||||||
left = [
|
left = [
|
||||||
"file-name"
|
"file-name"
|
||||||
"mode"
|
"mode"
|
||||||
# "selections"
|
/*
|
||||||
# "primary-selection-length"
|
"selections"
|
||||||
# "position"
|
"primary-selection-length"
|
||||||
# "position-percentage"
|
"position"
|
||||||
|
"position-percentage"
|
||||||
|
*/
|
||||||
"spinner"
|
"spinner"
|
||||||
"diagnostics"
|
"diagnostics"
|
||||||
"workspace-diagnostics"
|
"workspace-diagnostics"
|
||||||
];
|
];
|
||||||
|
/*
|
||||||
|
center = ["file-name"];
|
||||||
|
right = ["version-control" "total-line-numbers" "file-encoding"];
|
||||||
|
*/
|
||||||
};
|
};
|
||||||
# center = ["file-name"];
|
|
||||||
# right = ["version-control" "total-line-numbers" "file-encoding"];
|
|
||||||
# };
|
|
||||||
};
|
};
|
||||||
keys = {
|
keys = {
|
||||||
insert = {
|
insert = {
|
||||||
|
@ -752,7 +785,7 @@
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
themes = with colors.withHashPrefix; {
|
themes = with style.colors.withHashPrefix; {
|
||||||
custom = {
|
custom = {
|
||||||
"type" = orange;
|
"type" = orange;
|
||||||
|
|
||||||
|
@ -984,8 +1017,10 @@
|
||||||
fg = fgdim;
|
fg = fgdim;
|
||||||
};
|
};
|
||||||
|
|
||||||
# "ui.cursorline.primary" = { bg = "default" }
|
/*
|
||||||
# "ui.cursorline.secondary" = { bg = "default" }
|
"ui.cursorline.primary" = { bg = "default" }
|
||||||
|
"ui.cursorline.secondary" = { bg = "default" }
|
||||||
|
*/
|
||||||
"ui.cursorcolumn.primary" = {bg = bg3;};
|
"ui.cursorcolumn.primary" = {bg = bg3;};
|
||||||
"ui.cursorcolumn.secondary" = {bg = bg3;};
|
"ui.cursorcolumn.secondary" = {bg = bg3;};
|
||||||
|
|
||||||
|
@ -1006,15 +1041,17 @@
|
||||||
programs.htop = {
|
programs.htop = {
|
||||||
enable = true;
|
enable = true;
|
||||||
settings = {
|
settings = {
|
||||||
# hide_kernel_threads = 1;
|
/*
|
||||||
# hide_userland_threads = 1;
|
hide_kernel_threads = 1;
|
||||||
# show_program_path = 0;
|
hide_userland_threads = 1;
|
||||||
# header_margin = 0;
|
show_program_path = 0;
|
||||||
# show_cpu_frequency = 1;
|
header_margin = 0;
|
||||||
# highlight_base_name = 1;
|
show_cpu_frequency = 1;
|
||||||
# tree_view = 0;
|
highlight_base_name = 1;
|
||||||
# htop_version = "3.2.2";
|
tree_view = 0;
|
||||||
# config_reader_min_version = 3;
|
htop_version = "3.2.2";
|
||||||
|
config_reader_min_version = 3;
|
||||||
|
*/
|
||||||
fields = "0 48 17 18 38 39 40 2 46 47 49 1";
|
fields = "0 48 17 18 38 39 40 2 46 47 49 1";
|
||||||
hide_kernel_threads = 1;
|
hide_kernel_threads = 1;
|
||||||
hide_userland_threads = 1;
|
hide_userland_threads = 1;
|
||||||
|
@ -1057,22 +1094,26 @@
|
||||||
tree_sort_direction = 1;
|
tree_sort_direction = 1;
|
||||||
tree_view_always_by_pid = 0;
|
tree_view_always_by_pid = 0;
|
||||||
all_branches_collapsed = 0;
|
all_branches_collapsed = 0;
|
||||||
# screen:Main=PID USER PRIORITY NICE M_VIRT M_RESIDENT M_SHARE STATE PERCENT_CPU PERCENT_MEM TIME Command
|
|
||||||
# .sort_key=PERCENT_MEM
|
/*
|
||||||
# .tree_sort_key=PID
|
screen:Main=PID USER PRIORITY NICE M_VIRT M_RESIDENT M_SHARE STATE PERCENT_CPU PERCENT_MEM TIME Command
|
||||||
# .tree_view=0
|
.sort_key=PERCENT_MEM
|
||||||
# .tree_view_always_by_pid=0
|
.tree_sort_key=PID
|
||||||
# .sort_direction=-1
|
.tree_view=0
|
||||||
# .tree_sort_direction=1
|
.tree_view_always_by_pid=0
|
||||||
# .all_branches_collapsed=0
|
.sort_direction=-1
|
||||||
# screen:I/O=PID USER IO_PRIORITY IO_RATE IO_READ_RATE IO_WRITE_RATE Command
|
.tree_sort_direction=1
|
||||||
# .sort_key=IO_RATE
|
.all_branches_collapsed=0
|
||||||
# .tree_sort_key=PID
|
|
||||||
# .tree_view=0
|
screen:I/O=PID USER IO_PRIORITY IO_RATE IO_READ_RATE IO_WRITE_RATE Command
|
||||||
# .tree_view_always_by_pid=0
|
.sort_key=IO_RATE
|
||||||
# .sort_direction=-1
|
.tree_sort_key=PID
|
||||||
# .tree_sort_direction=1
|
.tree_view=0
|
||||||
# .all_branches_collapsed=0
|
.tree_view_always_by_pid=0
|
||||||
|
.sort_direction=-1
|
||||||
|
.tree_sort_direction=1
|
||||||
|
.all_branches_collapsed=0
|
||||||
|
*/
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
@ -1164,15 +1205,26 @@
|
||||||
];
|
];
|
||||||
|
|
||||||
gtk.theme = {
|
gtk.theme = {
|
||||||
name = "Catppuccin-Mocha-Compact-Sapphire-Dark";
|
name = "catppuccin-mocha-blue-compact+default";
|
||||||
package = pkgs.catppuccin-gtk.override {
|
package =
|
||||||
accents = ["sapphire"];
|
(pkgs.catppuccin-gtk.overrideAttrs {
|
||||||
size = "compact";
|
src = pkgs.fetchFromGitHub {
|
||||||
tweaks = ["rimless"];
|
owner = "catppuccin";
|
||||||
variant = "mocha";
|
repo = "gtk";
|
||||||
};
|
rev = "v1.0.3";
|
||||||
};
|
fetchSubmodules = true;
|
||||||
|
hash = "sha256-q5/VcFsm3vNEw55zq/vcM11eo456SYE5TQA3g2VQjGc=";
|
||||||
|
};
|
||||||
|
|
||||||
|
postUnpack = "";
|
||||||
|
})
|
||||||
|
.override
|
||||||
|
{
|
||||||
|
accents = ["sapphire"];
|
||||||
|
variant = "mocha";
|
||||||
|
size = "compact";
|
||||||
|
};
|
||||||
|
};
|
||||||
home.pointerCursor = {
|
home.pointerCursor = {
|
||||||
name = "Bibata-Modern-Classic";
|
name = "Bibata-Modern-Classic";
|
||||||
package = pkgs.bibata-cursors;
|
package = pkgs.bibata-cursors;
|
||||||
|
@ -1188,7 +1240,7 @@
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
|
|
||||||
# mako = {};
|
mako = {};
|
||||||
|
|
||||||
# nnn = {};
|
# nnn = {};
|
||||||
|
|
||||||
|
@ -1218,7 +1270,7 @@
|
||||||
programs.senpai = {
|
programs.senpai = {
|
||||||
enable = true;
|
enable = true;
|
||||||
config = {
|
config = {
|
||||||
address = "irc+insecure://beefcake:6667";
|
address = "irc+insecure://beefcake.hare-cod.ts.net:6667";
|
||||||
nickname = "lytedev";
|
nickname = "lytedev";
|
||||||
password-cmd = ["pass" "soju"];
|
password-cmd = ["pass" "soju"];
|
||||||
};
|
};
|
||||||
|
@ -1234,12 +1286,27 @@
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
# sway = {};
|
sway = {
|
||||||
# sway-laptop = {};
|
imports = [
|
||||||
# swaylock = {};
|
{
|
||||||
# tmux = {};
|
_module.args = {
|
||||||
# wallpaper-manager = {};
|
inherit style;
|
||||||
# waybar = {};
|
};
|
||||||
|
}
|
||||||
|
./waybar.nix
|
||||||
|
./mako.nix
|
||||||
|
./swaylock.nix
|
||||||
|
./sway.nix
|
||||||
|
];
|
||||||
|
};
|
||||||
|
|
||||||
|
/*
|
||||||
|
sway-laptop = {};
|
||||||
|
swaylock = {};
|
||||||
|
tmux = {};
|
||||||
|
wallpaper-manager = {};
|
||||||
|
waybar = {};
|
||||||
|
*/
|
||||||
|
|
||||||
wezterm = {
|
wezterm = {
|
||||||
pkgs,
|
pkgs,
|
||||||
|
@ -1247,14 +1314,14 @@
|
||||||
...
|
...
|
||||||
}: {
|
}: {
|
||||||
# docs: https://wezfurlong.org/wezterm/config/appearance.html#defining-your-own-colors
|
# docs: https://wezfurlong.org/wezterm/config/appearance.html#defining-your-own-colors
|
||||||
programs.wezterm = with colors.withHashPrefix; {
|
programs.wezterm = with style.colors.withHashPrefix; {
|
||||||
enable = true;
|
enable = true;
|
||||||
# package = pkgs.wezterm;
|
# package = pkgs.wezterm;
|
||||||
extraConfig = builtins.readFile ./wezterm/config.lua;
|
extraConfig = builtins.readFile ./wezterm/config.lua;
|
||||||
colorSchemes = {
|
colorSchemes = {
|
||||||
catppuccin-mocha-sapphire = {
|
catppuccin-mocha-sapphire = {
|
||||||
ansi = map (x: colors.withHashPrefix.${toString x}) (pkgs.lib.lists.range 0 7);
|
ansi = map (x: style.colors.withHashPrefix.${toString x}) (pkgs.lib.lists.range 0 7);
|
||||||
brights = map (x: colors.withHashPrefix.${toString (x + 8)}) (pkgs.lib.lists.range 0 7);
|
brights = map (x: style.colors.withHashPrefix.${toString (x + 8)}) (pkgs.lib.lists.range 0 7);
|
||||||
|
|
||||||
foreground = fg;
|
foreground = fg;
|
||||||
background = bg;
|
background = bg;
|
||||||
|
@ -1303,15 +1370,17 @@
|
||||||
|
|
||||||
compose_cursor = orange;
|
compose_cursor = orange;
|
||||||
|
|
||||||
# copy_mode_active_highlight_bg = { Color = '#000000' },
|
/*
|
||||||
# copy_mode_active_highlight_fg = { AnsiColor = 'Black' },
|
copy_mode_active_highlight_bg = { Color = '#000000' },
|
||||||
# copy_mode_inactive_highlight_bg = { Color = '#52ad70' },
|
copy_mode_active_highlight_fg = { AnsiColor = 'Black' },
|
||||||
# copy_mode_inactive_highlight_fg = { AnsiColor = 'White' },
|
copy_mode_inactive_highlight_bg = { Color = '#52ad70' },
|
||||||
|
copy_mode_inactive_highlight_fg = { AnsiColor = 'White' },
|
||||||
|
|
||||||
# quick_select_label_bg = { Color = 'peru' },
|
quick_select_label_bg = { Color = 'peru' },
|
||||||
# quick_select_label_fg = { Color = '#ffffff' },
|
quick_select_label_fg = { Color = '#ffffff' },
|
||||||
# quick_select_match_bg = { AnsiColor = 'Navy' },
|
quick_select_match_bg = { AnsiColor = 'Navy' },
|
||||||
# quick_select_match_fg = { Color = '#ffffff' },
|
quick_select_match_fg = { Color = '#ffffff' },
|
||||||
|
*/
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
@ -1791,7 +1860,7 @@
|
||||||
theme = "match";
|
theme = "match";
|
||||||
|
|
||||||
themes = {
|
themes = {
|
||||||
match = with colors.withHashPrefix; {
|
match = with style.colors.withHashPrefix; {
|
||||||
fg = fg;
|
fg = fg;
|
||||||
bg = bg;
|
bg = bg;
|
||||||
|
|
||||||
|
@ -1810,8 +1879,10 @@
|
||||||
# TODO: port config
|
# TODO: port config
|
||||||
|
|
||||||
plugins = {
|
plugins = {
|
||||||
# tab-bar = {path = "tab-bar";};
|
/*
|
||||||
# compact-bar = {path = "compact-bar";};
|
tab-bar = {path = "tab-bar";};
|
||||||
|
compact-bar = {path = "compact-bar";};
|
||||||
|
*/
|
||||||
};
|
};
|
||||||
|
|
||||||
ui = {
|
ui = {
|
||||||
|
|
|
@ -42,6 +42,8 @@ if has_command skim
|
||||||
set --export --universal SKIM_CTRL_T_COMMAND "fd --hidden"
|
set --export --universal SKIM_CTRL_T_COMMAND "fd --hidden"
|
||||||
end
|
end
|
||||||
|
|
||||||
|
set --export --universal NEWT_COLORS "root=black,black:border=black,blue"
|
||||||
|
|
||||||
# colors
|
# colors
|
||||||
set -U fish_color_normal normal # default color
|
set -U fish_color_normal normal # default color
|
||||||
set -U fish_color_command white # base command being run (>ls< -la)
|
set -U fish_color_command white # base command being run (>ls< -la)
|
||||||
|
|
|
@ -8,7 +8,7 @@
|
||||||
}: {
|
}: {
|
||||||
imports = [
|
imports = [
|
||||||
./ewwbar.nix
|
./ewwbar.nix
|
||||||
# ./mako.nix
|
./mako.nix
|
||||||
./swaylock.nix
|
./swaylock.nix
|
||||||
# TODO: figure out how to import this for this module _and_ for the sway module?
|
# TODO: figure out how to import this for this module _and_ for the sway module?
|
||||||
./linux-desktop.nix
|
./linux-desktop.nix
|
||||||
|
@ -45,7 +45,7 @@
|
||||||
|
|
||||||
exec-once = [
|
exec-once = [
|
||||||
"hyprpaper"
|
"hyprpaper"
|
||||||
# "mako"
|
"mako"
|
||||||
"swayosd-server"
|
"swayosd-server"
|
||||||
"eww daemon && eww open bar$EWW_BAR_MON"
|
"eww daemon && eww open bar$EWW_BAR_MON"
|
||||||
"firefox"
|
"firefox"
|
||||||
|
@ -88,9 +88,12 @@
|
||||||
input = {
|
input = {
|
||||||
kb_layout = "us";
|
kb_layout = "us";
|
||||||
kb_options = "ctrl:nocaps";
|
kb_options = "ctrl:nocaps";
|
||||||
# kb_variant =
|
|
||||||
# kb_model =
|
/*
|
||||||
# kb_rules =
|
kb_variant =
|
||||||
|
kb_model =
|
||||||
|
kb_rules =
|
||||||
|
*/
|
||||||
|
|
||||||
follow_mouse = 2;
|
follow_mouse = 2;
|
||||||
|
|
||||||
|
@ -131,10 +134,13 @@
|
||||||
|
|
||||||
decoration = {
|
decoration = {
|
||||||
rounding = 3;
|
rounding = 3;
|
||||||
# blur = "no";
|
|
||||||
# blur_size = 3
|
/*
|
||||||
# blur_passes = 1
|
blur = "no";
|
||||||
# blur_new_optimizations = on
|
blur_size = 3
|
||||||
|
blur_passes = 1
|
||||||
|
blur_new_optimizations = on
|
||||||
|
*/
|
||||||
|
|
||||||
drop_shadow = "yes";
|
drop_shadow = "yes";
|
||||||
shadow_range = 4;
|
shadow_range = 4;
|
||||||
|
@ -147,8 +153,10 @@
|
||||||
"$mod" = "SUPER";
|
"$mod" = "SUPER";
|
||||||
bind = [
|
bind = [
|
||||||
# See https://wiki.hyprland.org/Configuring/Keywords/ for more
|
# See https://wiki.hyprland.org/Configuring/Keywords/ for more
|
||||||
# "$mod, return, exec, wezterm"
|
/*
|
||||||
# "$mod SHIFT, return, exec, wezterm"
|
"$mod, return, exec, wezterm"
|
||||||
|
"$mod SHIFT, return, exec, wezterm"
|
||||||
|
*/
|
||||||
"$mod, return, exec, wezterm"
|
"$mod, return, exec, wezterm"
|
||||||
"$mod SHIFT, return, exec, kitty"
|
"$mod SHIFT, return, exec, kitty"
|
||||||
"$mod, U, exec, firefox"
|
"$mod, U, exec, firefox"
|
||||||
|
@ -264,13 +272,13 @@
|
||||||
workspace_swipe = on
|
workspace_swipe = on
|
||||||
}
|
}
|
||||||
|
|
||||||
# Example per-device config
|
## Example per-device config
|
||||||
# See https://wiki.hyprland.org/Configuring/Keywords/#executing for more
|
## See https://wiki.hyprland.org/Configuring/Keywords/#executing for more
|
||||||
# device:epic-mouse-v1 {
|
## device:epic-mouse-v1 {
|
||||||
# sensitivity = -0.5
|
## sensitivity = -0.5
|
||||||
# }
|
## }
|
||||||
|
|
||||||
# See https://wiki.hyprland.org/Configuring/Window-Rules/ for more
|
## See https://wiki.hyprland.org/Configuring/Window-Rules/ for more
|
||||||
windowrulev2 = idleinhibit,class:^.*([Ss]lippi).*$
|
windowrulev2 = idleinhibit,class:^.*([Ss]lippi).*$
|
||||||
windowrulev2 = float,class:^.*([Kk]itty|[Ff]irefox|[Ww]ezterm|[Dd]iscord|[Ss]potify|[Ss]lack).*$
|
windowrulev2 = float,class:^.*([Kk]itty|[Ff]irefox|[Ww]ezterm|[Dd]iscord|[Ss]potify|[Ss]lack).*$
|
||||||
windowrulev2 = opacity 1.0 0.9,floating:1
|
windowrulev2 = opacity 1.0 0.9,floating:1
|
||||||
|
|
|
@ -1,9 +1,5 @@
|
||||||
{
|
{style, ...}: {
|
||||||
colors,
|
services.mako = with style.colors.withHashPrefix; {
|
||||||
font,
|
|
||||||
...
|
|
||||||
}: {
|
|
||||||
services.mako = with colors.withHashPrefix; {
|
|
||||||
enable = false;
|
enable = false;
|
||||||
|
|
||||||
anchor = "top-right";
|
anchor = "top-right";
|
||||||
|
|
|
@ -1,5 +1,6 @@
|
||||||
#!/usr/bin/env sh
|
#!/usr/bin/env sh
|
||||||
|
|
||||||
|
umask 0077
|
||||||
SUBDIR="${2:-./}"
|
SUBDIR="${2:-./}"
|
||||||
mkdir -p "$NOTES_PATH/$SUBDIR"
|
mkdir -p "$NOTES_PATH/$SUBDIR"
|
||||||
cd "$NOTES_PATH/$SUBDIR" || exit 1
|
cd "$NOTES_PATH/$SUBDIR" || exit 1
|
||||||
|
|
127
modules/home-manager/scripts/common/bin/spark
Executable file
127
modules/home-manager/scripts/common/bin/spark
Executable file
|
@ -0,0 +1,127 @@
|
||||||
|
#!/usr/bin/env bash
|
||||||
|
#
|
||||||
|
# spark
|
||||||
|
# https://github.com/holman/spark
|
||||||
|
#
|
||||||
|
# Generates sparklines for a set of data.
|
||||||
|
#
|
||||||
|
# Here's a good web-based sparkline generator that was a bit of inspiration
|
||||||
|
# for spark:
|
||||||
|
#
|
||||||
|
# https://datacollective.org/sparkblocks
|
||||||
|
#
|
||||||
|
# spark takes a comma-separated or space-separated list of data and then prints
|
||||||
|
# a sparkline out of it.
|
||||||
|
#
|
||||||
|
# Examples:
|
||||||
|
#
|
||||||
|
# spark 1 5 22 13 53
|
||||||
|
# # => ▁▁▃▂▇
|
||||||
|
#
|
||||||
|
# spark 0 30 55 80 33 150
|
||||||
|
# # => ▁▂▃▅▂▇
|
||||||
|
#
|
||||||
|
# spark -h
|
||||||
|
# # => Prints the spark help text.
|
||||||
|
|
||||||
|
# Generates sparklines.
|
||||||
|
#
|
||||||
|
# $1 - The data we'd like to graph.
|
||||||
|
_echo()
|
||||||
|
{
|
||||||
|
if [ "X$1" = "X-n" ]; then
|
||||||
|
shift
|
||||||
|
printf "%s" "$*"
|
||||||
|
else
|
||||||
|
printf "%s\n" "$*"
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
|
||||||
|
spark()
|
||||||
|
{
|
||||||
|
local n numbers=
|
||||||
|
|
||||||
|
# find min/max values
|
||||||
|
local min=0xffffffff max=0
|
||||||
|
|
||||||
|
for n in ${@//,/ }
|
||||||
|
do
|
||||||
|
# on Linux (or with bash4) we could use `printf %.0f $n` here to
|
||||||
|
# round the number but that doesn't work on OS X (bash3) nor does
|
||||||
|
# `awk '{printf "%.0f",$1}' <<< $n` work, so just cut it off
|
||||||
|
n=${n%.*}
|
||||||
|
(( n < min )) && min=$n
|
||||||
|
(( n > max )) && max=$n
|
||||||
|
numbers=$numbers${numbers:+ }$n
|
||||||
|
done
|
||||||
|
|
||||||
|
# print ticks
|
||||||
|
local ticks=(▁ ▂ ▃ ▄ ▅ ▆ ▇ █)
|
||||||
|
|
||||||
|
# use a high tick if data is constant
|
||||||
|
(( min == max )) && ticks=(▅ ▆)
|
||||||
|
|
||||||
|
local f=$(( (($max-$min)<<8)/(${#ticks[@]}-1) ))
|
||||||
|
(( f < 1 )) && f=1
|
||||||
|
|
||||||
|
for n in $numbers
|
||||||
|
do
|
||||||
|
_echo -n ${ticks[$(( ((($n-$min)<<8)/$f) ))]}
|
||||||
|
done
|
||||||
|
_echo
|
||||||
|
}
|
||||||
|
|
||||||
|
# If we're being sourced, don't worry about such things
|
||||||
|
if [ "$BASH_SOURCE" == "$0" ]; then
|
||||||
|
# Prints the help text for spark.
|
||||||
|
help()
|
||||||
|
{
|
||||||
|
local spark=$(basename $0)
|
||||||
|
cat <<EOF
|
||||||
|
|
||||||
|
USAGE:
|
||||||
|
$spark [-h|--help] VALUE,...
|
||||||
|
|
||||||
|
EXAMPLES:
|
||||||
|
$spark 1 5 22 13 53
|
||||||
|
▁▁▃▂█
|
||||||
|
$spark 0,30,55,80,33,150
|
||||||
|
▁▂▃▄▂█
|
||||||
|
echo 9 13 5 17 1 | $spark
|
||||||
|
▄▆▂█▁
|
||||||
|
EOF
|
||||||
|
}
|
||||||
|
|
||||||
|
# show help for no arguments if stdin is a terminal
|
||||||
|
if { [ -z "$1" ] && [ -t 0 ] ; } || [ "$1" == '-h' ] || [ "$1" == '--help' ]
|
||||||
|
then
|
||||||
|
help
|
||||||
|
exit 0
|
||||||
|
fi
|
||||||
|
|
||||||
|
spark ${@:-`cat`}
|
||||||
|
fi
|
||||||
|
|
||||||
|
# source: https://github.com/holman/spark/commit/ab88ac6f8f33698f39ece2f109b1117ef39a68eb
|
||||||
|
|
||||||
|
# The MIT License
|
||||||
|
#
|
||||||
|
# Copyright (c) Zach Holman, https://zachholman.com
|
||||||
|
#
|
||||||
|
# Permission is hereby granted, free of charge, to any person obtaining a copy
|
||||||
|
# of this software and associated documentation files (the "Software"), to deal
|
||||||
|
# in the Software without restriction, including without limitation the rights
|
||||||
|
# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
||||||
|
# copies of the Software, and to permit persons to whom the Software is
|
||||||
|
# furnished to do so, subject to the following conditions:
|
||||||
|
#
|
||||||
|
# The above copyright notice and this permission notice shall be included in
|
||||||
|
# all copies or substantial portions of the Software.
|
||||||
|
#
|
||||||
|
# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
||||||
|
# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
||||||
|
# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
||||||
|
# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
||||||
|
# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
||||||
|
# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
|
||||||
|
# THE SOFTWARE.
|
3
modules/home-manager/scripts/common/bin/t
Executable file
3
modules/home-manager/scripts/common/bin/t
Executable file
|
@ -0,0 +1,3 @@
|
||||||
|
#!/usr/bin/env bash
|
||||||
|
|
||||||
|
N todo
|
|
@ -1,29 +1,21 @@
|
||||||
{
|
{
|
||||||
colors,
|
style,
|
||||||
lib,
|
lib,
|
||||||
config,
|
config,
|
||||||
pkgs,
|
pkgs,
|
||||||
font,
|
|
||||||
...
|
...
|
||||||
}: {
|
}: {
|
||||||
imports = [
|
|
||||||
./waybar.nix
|
|
||||||
# ./mako.nix
|
|
||||||
./swaylock.nix
|
|
||||||
./linux-desktop.nix
|
|
||||||
];
|
|
||||||
|
|
||||||
programs.foot = {
|
programs.foot = {
|
||||||
enable = true;
|
enable = true;
|
||||||
};
|
};
|
||||||
|
|
||||||
home.file."${config.xdg.configHome}/mako/config" = {
|
home.file."${config.xdg.configHome}/mako/config" = {
|
||||||
enable = true;
|
enable = true;
|
||||||
text = with colors.withHashPrefix; ''
|
text = with style.colors.withHashPrefix; ''
|
||||||
border-size=1
|
border-size=1
|
||||||
max-visible=5
|
max-visible=5
|
||||||
default-timeout=15000
|
default-timeout=15000
|
||||||
font=Symbols Nerd Font ${toString font.size},${font.name} ${toString font.size}
|
font=Symbols Nerd Font ${toString style.font.size},${style.font.name} ${toString style.font.size}
|
||||||
anchor=top-right
|
anchor=top-right
|
||||||
|
|
||||||
background-color=${bg}
|
background-color=${bg}
|
||||||
|
@ -59,7 +51,7 @@
|
||||||
|
|
||||||
wayland.windowManager.sway = {
|
wayland.windowManager.sway = {
|
||||||
/*
|
/*
|
||||||
TODO:
|
TODO:
|
||||||
+ Super+r should rotate the selected group of windows.
|
+ Super+r should rotate the selected group of windows.
|
||||||
+ Super+Control+{1-9} should control the size of the preselect space.
|
+ Super+Control+{1-9} should control the size of the preselect space.
|
||||||
+ Super+Shift+b should balance the size of all selected nodes.
|
+ Super+Shift+b should balance the size of all selected nodes.
|
||||||
|
@ -80,6 +72,17 @@
|
||||||
|
|
||||||
systemd = {
|
systemd = {
|
||||||
enable = true;
|
enable = true;
|
||||||
|
variables = [
|
||||||
|
"DISPLAY"
|
||||||
|
"WAYLAND_DISPLAY"
|
||||||
|
"SWAYSOCK"
|
||||||
|
"XDG_CURRENT_DESKTOP"
|
||||||
|
"XDG_SESSION_TYPE"
|
||||||
|
"NIXOS_OZONE_WL"
|
||||||
|
"XCURSOR_THEME"
|
||||||
|
"XCURSOR_SIZE"
|
||||||
|
"PATH"
|
||||||
|
];
|
||||||
};
|
};
|
||||||
|
|
||||||
# TODO: stuff is opening on workspace 10 (0?)
|
# TODO: stuff is opening on workspace 10 (0?)
|
||||||
|
@ -103,12 +106,6 @@
|
||||||
*/
|
*/
|
||||||
];
|
];
|
||||||
|
|
||||||
output = {
|
|
||||||
# "*" = {
|
|
||||||
# background = "$HOME/.wallpaper fill";
|
|
||||||
# };
|
|
||||||
};
|
|
||||||
|
|
||||||
# TODO: popup_during_fullscreen smart
|
# TODO: popup_during_fullscreen smart
|
||||||
focus = {
|
focus = {
|
||||||
wrapping = "no"; # maybe workspace?
|
wrapping = "no"; # maybe workspace?
|
||||||
|
@ -133,6 +130,11 @@
|
||||||
};
|
};
|
||||||
|
|
||||||
startup = [
|
startup = [
|
||||||
|
{command = "kdeconnect-indicator";}
|
||||||
|
{command = "mako";}
|
||||||
|
{
|
||||||
|
command = "swaybg -i $HOME/.wallpaper";
|
||||||
|
}
|
||||||
{
|
{
|
||||||
command = "swayosd-server";
|
command = "swayosd-server";
|
||||||
}
|
}
|
||||||
|
@ -162,7 +164,6 @@
|
||||||
"timeout 600 'swaymsg \"output * dpms off\"' resume 'swaymsg \"output * dpms on\" & maybe-good-morning &'"
|
"timeout 600 'swaymsg \"output * dpms off\"' resume 'swaymsg \"output * dpms on\" & maybe-good-morning &'"
|
||||||
];
|
];
|
||||||
}
|
}
|
||||||
# {command = "mako";}
|
|
||||||
# {command = "firefox";}
|
# {command = "firefox";}
|
||||||
# {command = "wezterm";}
|
# {command = "wezterm";}
|
||||||
];
|
];
|
||||||
|
@ -187,13 +188,13 @@
|
||||||
input = {
|
input = {
|
||||||
"type:keyboard" = {
|
"type:keyboard" = {
|
||||||
xkb_options = "ctrl:nocaps";
|
xkb_options = "ctrl:nocaps";
|
||||||
repeat_delay = "200";
|
repeat_delay = "180";
|
||||||
repeat_rate = "60";
|
repeat_rate = "100";
|
||||||
};
|
};
|
||||||
|
|
||||||
"type:pointer" = {
|
"type:pointer" = {
|
||||||
accel_profile = "flat";
|
accel_profile = "flat";
|
||||||
pointer_accel = "0";
|
pointer_accel = "0.5";
|
||||||
};
|
};
|
||||||
|
|
||||||
"type:touchpad" = {
|
"type:touchpad" = {
|
||||||
|
@ -217,6 +218,7 @@
|
||||||
"${mod}+c" = "kill";
|
"${mod}+c" = "kill";
|
||||||
"${mod}+shift+c" = "kill # TODO: kill -9?";
|
"${mod}+shift+c" = "kill # TODO: kill -9?";
|
||||||
"${mod}+alt+space" = "exec wofi --show drun";
|
"${mod}+alt+space" = "exec wofi --show drun";
|
||||||
|
"${mod}" = "exec ${menu}";
|
||||||
"${mod}+space" = "exec ${menu}";
|
"${mod}+space" = "exec ${menu}";
|
||||||
"${mod}+shift+s" = "exec clipshot";
|
"${mod}+shift+s" = "exec clipshot";
|
||||||
"${mod}+e" = "exec thunar";
|
"${mod}+e" = "exec thunar";
|
||||||
|
@ -294,39 +296,54 @@
|
||||||
# TODO: this should also reset the horizontal and vertical gaps?
|
# TODO: this should also reset the horizontal and vertical gaps?
|
||||||
"${mod}+control+equal" = "gaps inner current set 0";
|
"${mod}+control+equal" = "gaps inner current set 0";
|
||||||
|
|
||||||
|
"${mod}+shift+v" = "exec swayosd-client --input-volume mute-toggle";
|
||||||
|
"${mod}+F1" = "exec pactl set-sink-mute @DEFAULT_SINK@ toggle";
|
||||||
"XF86AudioRaiseVolume" = "exec swayosd-client --output-volume raise";
|
"XF86AudioRaiseVolume" = "exec swayosd-client --output-volume raise";
|
||||||
"XF86AudioLowerVolume" = "exec swayosd-client --output-volume lower";
|
"XF86AudioLowerVolume" = "exec swayosd-client --output-volume lower";
|
||||||
"XF86AudioMute" = "exec swayosd-client --output-volume mute-toggle";
|
"XF86AudioMute" = "exec swayosd-client --output-volume mute-toggle";
|
||||||
"XF86AudioMicMute" = "exec swayosd-client --input-volume mute-toggle";
|
"XF86AudioMicMute" = "exec swayosd-client --input-volume mute-toggle";
|
||||||
"${mod}+shift+v" = "exec swayosd-client --input-volume mute-toggle";
|
|
||||||
# "XF86AudioRaiseVolume" = "exec swayosd-client --output-volume 15";
|
|
||||||
# "XF86AudioLowerVolume" = "exec swayosd-client --output-volume -15";
|
|
||||||
# "XF86AudioRaiseVolume" = "exec swayosd-client --output-volume raise --max-volume 120";
|
|
||||||
# "XF86AudioLowerVolume" = "exec swayosd-client --output-volume lower --max-volume 120";
|
|
||||||
# "XF86AudioRaiseVolume" = "exec swayosd-client --output-volume +10 --device alsa_output.pci-0000_11_00.4.analog-stereo.monitor";
|
|
||||||
# "XF86AudioLowerVolume" = "exec swayosd-client --output-volume -10 --device alsa_output.pci-0000_11_00.4.analog-stereo.monitor";
|
|
||||||
"XF86MonBrightnessUp" = "exec swayosd-client --brightness raise";
|
"XF86MonBrightnessUp" = "exec swayosd-client --brightness raise";
|
||||||
"XF86MonBrightnessDown" = "exec swayosd-client --brightness lower";
|
"XF86MonBrightnessDown" = "exec swayosd-client --brightness lower";
|
||||||
# "XF86MonBrightnessUp" = " exec swayosd-client --brightness 10";
|
|
||||||
# "XF86MonBrightnessDown" = "exec swayosd-client --brightness -10";
|
|
||||||
|
|
||||||
# "XF86AudioRaiseVolume" = "exec pactl set-sink-volume @DEFAULT_SINK@ +5%";
|
|
||||||
# "XF86AudioLowerVolume" = "exec pactl set-sink-volume @DEFAULT_SINK@ -5%";
|
|
||||||
"control+XF86AudioRaiseVolume" = "exec pactl set-sink-volume @DEFAULT_SINK@ +1%";
|
"control+XF86AudioRaiseVolume" = "exec pactl set-sink-volume @DEFAULT_SINK@ +1%";
|
||||||
"control+XF86AudioLowerVolume" = "exec pactl set-sink-volume @DEFAULT_SINK@ -1%";
|
"control+XF86AudioLowerVolume" = "exec pactl set-sink-volume @DEFAULT_SINK@ -1%";
|
||||||
# "XF86AudioMute" = "exec pactl set-sink-mute @DEFAULT_SINK@ toggle";
|
|
||||||
"${mod}+F1" = "exec pactl set-sink-mute @DEFAULT_SINK@ toggle";
|
|
||||||
# "XF86AudioMicMute" = "exec pactl set-source-mute @DEFAULT_SOURCE@ toggle";
|
|
||||||
# "XF86MonBrightnessDown" = "exec brightnessctl set 10%-";
|
|
||||||
# "XF86MonBrightnessUp" = "exec brightnessctl set +10%";
|
|
||||||
# "shift+XF86MonBrightnessDown" = "exec brightnessctl set 1%";
|
|
||||||
# "shift+XF86MonBrightnessUp" = "exec brightnessctl set 100%";
|
|
||||||
# "control+XF86MonBrightnessDown" = "exec brightnessctl set 1%-";
|
|
||||||
# "control+XF86MonBrightnessUp" = "exec brightnessctl set +1%";
|
|
||||||
"XF86AudioPlay" = "exec playerctl play-pause";
|
"XF86AudioPlay" = "exec playerctl play-pause";
|
||||||
"XF86AudioNext" = "exec playerctl next";
|
"XF86AudioNext" = "exec playerctl next";
|
||||||
"XF86AudioPrev" = "exec playerctl previous";
|
"XF86AudioPrev" = "exec playerctl previous";
|
||||||
# "${mod}+shift+v" = "exec pactl set-source-mute @DEFAULT_SOURCE@ toggle";
|
"--locked ${mod}+shift+v" = "exec swayosd-client --input-volume mute-toggle";
|
||||||
|
"--locked ${mod}+F1" = "exec pactl set-sink-mute @DEFAULT_SINK@ toggle";
|
||||||
|
"--locked XF86AudioRaiseVolume" = "exec swayosd-client --output-volume raise";
|
||||||
|
"--locked XF86AudioLowerVolume" = "exec swayosd-client --output-volume lower";
|
||||||
|
"--locked XF86AudioMute" = "exec swayosd-client --output-volume mute-toggle";
|
||||||
|
"--locked XF86AudioMicMute" = "exec swayosd-client --input-volume mute-toggle";
|
||||||
|
"--locked XF86MonBrightnessUp" = "exec swayosd-client --brightness raise";
|
||||||
|
"--locked XF86MonBrightnessDown" = "exec swayosd-client --brightness lower";
|
||||||
|
"--locked control+XF86AudioRaiseVolume" = "exec pactl set-sink-volume @DEFAULT_SINK@ +1%";
|
||||||
|
"--locked control+XF86AudioLowerVolume" = "exec pactl set-sink-volume @DEFAULT_SINK@ -1%";
|
||||||
|
"--locked XF86AudioPlay" = "exec playerctl play-pause";
|
||||||
|
"--locked XF86AudioNext" = "exec playerctl next";
|
||||||
|
"--locked XF86AudioPrev" = "exec playerctl previous";
|
||||||
|
|
||||||
|
/*
|
||||||
|
"XF86MonBrightnessUp" = " exec swayosd-client --brightness 10";
|
||||||
|
"XF86MonBrightnessDown" = "exec swayosd-client --brightness -10";
|
||||||
|
"XF86AudioMute" = "exec pactl set-sink-mute @DEFAULT_SINK@ toggle";
|
||||||
|
"XF86AudioRaiseVolume" = "exec pactl set-sink-volume @DEFAULT_SINK@ +5%";
|
||||||
|
"XF86AudioLowerVolume" = "exec pactl set-sink-volume @DEFAULT_SINK@ -5%";
|
||||||
|
"XF86AudioRaiseVolume" = "exec swayosd-client --output-volume 15";
|
||||||
|
"XF86AudioLowerVolume" = "exec swayosd-client --output-volume -15";
|
||||||
|
"XF86AudioRaiseVolume" = "exec swayosd-client --output-volume raise --max-volume 120";
|
||||||
|
"XF86AudioLowerVolume" = "exec swayosd-client --output-volume lower --max-volume 120";
|
||||||
|
"XF86AudioRaiseVolume" = "exec swayosd-client --output-volume +10 --device alsa_output.pci-0000_11_00.4.analog-stereo.monitor";
|
||||||
|
"XF86AudioLowerVolume" = "exec swayosd-client --output-volume -10 --device alsa_output.pci-0000_11_00.4.analog-stereo.monitor";
|
||||||
|
"XF86AudioMicMute" = "exec pactl set-source-mute @DEFAULT_SOURCE@ toggle";
|
||||||
|
"XF86MonBrightnessDown" = "exec brightnessctl set 10%-";
|
||||||
|
"XF86MonBrightnessUp" = "exec brightnessctl set +10%";
|
||||||
|
"shift+XF86MonBrightnessDown" = "exec brightnessctl set 1%";
|
||||||
|
"shift+XF86MonBrightnessUp" = "exec brightnessctl set 100%";
|
||||||
|
"control+XF86MonBrightnessDown" = "exec brightnessctl set 1%-";
|
||||||
|
"control+XF86MonBrightnessUp" = "exec brightnessctl set +1%";
|
||||||
|
"${mod}+shift+v" = "exec pactl set-source-mute @DEFAULT_SOURCE@ toggle";
|
||||||
|
*/
|
||||||
|
|
||||||
"${mod}+control+shift+l" = "exec swaylock";
|
"${mod}+control+shift+l" = "exec swaylock";
|
||||||
|
|
||||||
|
@ -334,7 +351,7 @@
|
||||||
};
|
};
|
||||||
assigns = {};
|
assigns = {};
|
||||||
bars = [];
|
bars = [];
|
||||||
colors = with colors; {
|
colors = with style.colors; {
|
||||||
background = bg;
|
background = bg;
|
||||||
focused = {
|
focused = {
|
||||||
background = bg;
|
background = bg;
|
||||||
|
|
|
@ -1,14 +1,10 @@
|
||||||
{
|
{style, ...}: {
|
||||||
font,
|
|
||||||
# colors,
|
|
||||||
...
|
|
||||||
}: {
|
|
||||||
programs.swaylock = {
|
programs.swaylock = {
|
||||||
enable = true;
|
enable = true;
|
||||||
settings = {
|
settings = {
|
||||||
color = "ffffffff";
|
color = "ffffffff";
|
||||||
image = "~/.wallpaper";
|
image = "~/.wallpaper";
|
||||||
font = font.name;
|
font = style.font.name;
|
||||||
show-failed-attempts = true;
|
show-failed-attempts = true;
|
||||||
ignore-empty-password = true;
|
ignore-empty-password = true;
|
||||||
|
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
{
|
{
|
||||||
colors,
|
pkgs,
|
||||||
font,
|
style,
|
||||||
...
|
...
|
||||||
}: {
|
}: {
|
||||||
programs.waybar = {
|
programs.waybar = {
|
||||||
|
@ -10,38 +10,41 @@
|
||||||
"layer" = "top";
|
"layer" = "top";
|
||||||
"position" = "bottom";
|
"position" = "bottom";
|
||||||
"output" = ["eDP-1" "DP-3"];
|
"output" = ["eDP-1" "DP-3"];
|
||||||
"height" = 32;
|
"height" = 50;
|
||||||
"modules-left" = ["clock" "sway/window"];
|
"modules-left" = [
|
||||||
"modules-center" = ["sway/workspaces"];
|
|
||||||
"modules-right" = [
|
|
||||||
"mpris"
|
|
||||||
"idle_inhibitor"
|
"idle_inhibitor"
|
||||||
"bluetooth"
|
"sway/workspaces"
|
||||||
# "wireplumber",
|
"sway/window"
|
||||||
|
];
|
||||||
|
"modules-center" = [];
|
||||||
|
"modules-right" = [
|
||||||
|
"privacy"
|
||||||
|
"power-profiles-daemon"
|
||||||
|
"mpris"
|
||||||
|
## "disk"
|
||||||
|
## TODO: will need a custom module for Disk IO
|
||||||
|
|
||||||
|
## "wireplumber" # pulseaudio module is more featureful
|
||||||
"pulseaudio"
|
"pulseaudio"
|
||||||
# "network",
|
"network"
|
||||||
"cpu"
|
"cpu"
|
||||||
"memory"
|
"memory"
|
||||||
# "temperature",
|
"temperature"
|
||||||
"backlight"
|
"backlight"
|
||||||
"battery"
|
"battery"
|
||||||
|
|
||||||
|
"bluetooth"
|
||||||
"tray"
|
"tray"
|
||||||
|
"clock"
|
||||||
];
|
];
|
||||||
"bluetooth" = {
|
"bluetooth" = {
|
||||||
"format" = "<span</span>";
|
"format" = "<span></span>";
|
||||||
"format-connected" = "<span></span>";
|
"on-click" = "${pkgs.blueman}/bin/blueman-manager";
|
||||||
"format-connected-battery" = "<span></span>";
|
};
|
||||||
# "format-device-preference" = [ "device1", "device2" ], # preference list deciding the displayed devic;
|
"wireplumber" = {
|
||||||
"tooltip-format" = "{controller_alias}@{controller_address} ({num_connections} connected)";
|
"format" = "{volume}% {icon}";
|
||||||
"tooltip-format-connected" = "{controller_alias}@{controller_address} ({num_connections} connected)\n{device_enumerate}";
|
"on-click" = "helvum";
|
||||||
"tooltip-format-enumerate-connected" = "{device_alias}@{device_address}";
|
|
||||||
"tooltip-format-enumerate-connected-battery" = "{device_alias}@{device_address} ( {device_battery_percentage}%)";
|
|
||||||
};
|
};
|
||||||
# "wireplumber" = ;
|
|
||||||
# "format" = "{volume}% {icon}";
|
|
||||||
# "format-muted" = "";
|
|
||||||
# "on-click" = "helvum;
|
|
||||||
# },
|
|
||||||
"sway/workspaces" = {
|
"sway/workspaces" = {
|
||||||
"disable-scroll" = false;
|
"disable-scroll" = false;
|
||||||
"persistent_workspaces" = {
|
"persistent_workspaces" = {
|
||||||
|
@ -59,31 +62,40 @@
|
||||||
"tray" = {
|
"tray" = {
|
||||||
"icon-size" = 24;
|
"icon-size" = 24;
|
||||||
"spacing" = 4;
|
"spacing" = 4;
|
||||||
|
"show-passive-items" = true;
|
||||||
};
|
};
|
||||||
"clock" = {
|
"clock" = {
|
||||||
"interval" = 1;
|
"interval" = 1;
|
||||||
"format" = "{:%a %b %d %H:%M:%S}";
|
"format" = "{:%a %b %d\n%H:%M:%S}";
|
||||||
|
"justify" = "center";
|
||||||
};
|
};
|
||||||
"cpu" = {
|
"cpu" = {
|
||||||
"format" = "{usage} <span></span>";
|
"format" = "{usage}%\nCPU";
|
||||||
"tooltip" = true;
|
"tooltip" = true;
|
||||||
"interval" = 3;
|
"interval" = 5;
|
||||||
|
"justify" = "center";
|
||||||
};
|
};
|
||||||
"memory" = {
|
"memory" = {
|
||||||
"format" = "{} ";
|
"format" = "{}%\nRAM";
|
||||||
|
"tooltip" = true;
|
||||||
|
"interval" = 5;
|
||||||
|
"justify" = "center";
|
||||||
};
|
};
|
||||||
"temperature" = {
|
"temperature" = {
|
||||||
# "thermal-zone" = 2;
|
/*
|
||||||
# "hwmon-path" = "/sys/class/hwmon/hwmon2/temp1_input";
|
"thermal-zone" = 2;
|
||||||
|
"hwmon-path" = "/sys/class/hwmon/hwmon2/temp1_input";
|
||||||
|
"format-critical" = "{temperatureC}°C {icon}";
|
||||||
|
*/
|
||||||
"critical-threshold" = 80;
|
"critical-threshold" = 80;
|
||||||
# "format-critical" = "{temperatureC}°C {icon}";
|
"format" = "{temperatureC}\n°C";
|
||||||
"format" = "{temperatureC}°C {icon}";
|
"justify" = "center";
|
||||||
"format-icons" = ["" "" ""];
|
|
||||||
};
|
};
|
||||||
"backlight" = {
|
"backlight" = {
|
||||||
# "device" = "acpi_video1";
|
# "device" = "acpi_video1";
|
||||||
"format" = "{percent}% {icon}";
|
"format" = "{percent}%\n{icon}";
|
||||||
"format-icons" = ["" ""];
|
"format-icons" = ["" ""];
|
||||||
|
"justify" = "center";
|
||||||
};
|
};
|
||||||
"battery" = {
|
"battery" = {
|
||||||
"states" = {
|
"states" = {
|
||||||
|
@ -91,55 +103,53 @@
|
||||||
"warning" = 30;
|
"warning" = 30;
|
||||||
"critical" = 1;
|
"critical" = 1;
|
||||||
};
|
};
|
||||||
"format" = "{capacity}% {time} {icon}";
|
"tooltip-format" = "{timeTo}\n{power} watts\n{health}% health\n{cycles} cycles";
|
||||||
"format-charging" = "{capacity}% {time} ";
|
"format" = "{icon}{capacity}%-\n{time}";
|
||||||
"format-plugged" = "{capacity}% {time} ";
|
"format-charging" = "{capacity}%+\n{time}";
|
||||||
"format-alt" = "{capacity}% {icon}";
|
"format-plugged" = "{capacity}%=\n{time}";
|
||||||
|
"format-alt" = "{capacity}%";
|
||||||
"format-good" = ""; # An empty format will hide the module
|
"format-good" = ""; # An empty format will hide the module
|
||||||
"format-full" = "";
|
"format-time" = "{H}:{m}";
|
||||||
"format-icons" = ["" "" "" "" ""];
|
"justify" = "center";
|
||||||
};
|
};
|
||||||
"network" = {
|
"network" = {
|
||||||
"format-wifi" = "{essid} ({signalStrength}%) ";
|
"format-wifi" = "{bandwidthUpBits} up \n{bandwidthDownBits} down";
|
||||||
"format-ethernet" = "{ifname}: {ipaddr}/{cidr} ";
|
"format-ethernet" = "{bandwidthUpBits} up \n{bandwidthDownBits} down";
|
||||||
"format-linked" = "{ifname} (No IP) ";
|
"format-linked" = "{bandwidthUpBits} up \n{bandwidthDownBits} down";
|
||||||
"format-disconnected" = "Disconnected ⚠";
|
"format-disconnected" = "No Network {icon}";
|
||||||
"format-alt" = "{ifname}: {ipaddr}/{cidr}";
|
"format-alt" = "{bandwidthUpBits} up \n{bandwidthDownBits} down";
|
||||||
|
"interval" = 5;
|
||||||
|
"justify" = "right";
|
||||||
};
|
};
|
||||||
"mpris" = {
|
"mpris" = {
|
||||||
"format" = "{title} by {artist}";
|
"format" = "{title}\nby {artist}";
|
||||||
|
"justify" = "center";
|
||||||
};
|
};
|
||||||
"pulseaudio" = {
|
"pulseaudio" = {
|
||||||
# "scroll-step" = 1, # %, can be a floa;
|
/*
|
||||||
"format" = "{volume} {icon} <span>{format_source}</span>";
|
"scroll-step" = 1, # %, can be a floa;
|
||||||
#"format" = "{volume}% {icon} {format_source}";
|
"format" = "{volume}% {icon} {format_source}";
|
||||||
#"format-bluetooth" = "{volume}% {icon} {format_source}";
|
"format-muted" = " {format_source}";
|
||||||
#"format-bluetooth-muted" = " {icon} {format_source}";
|
*/
|
||||||
#"format-muted" = " {format_source}";
|
"format" = "{volume}%\n{format_source}";
|
||||||
"format-muted" = " {format_source}";
|
"format-muted" = "MUTE\n{format_source}";
|
||||||
"format-source" = "";
|
"format-bluetooth" = "{volume}%\n{format_source}";
|
||||||
"format-source-muted" = "";
|
"format-bluetooth-muted" = "MUTE\n{format_source}";
|
||||||
"format-icons" = {
|
"format-source" = "MIC ON";
|
||||||
"headphones" = "";
|
"format-source-muted" = "MIC OFF";
|
||||||
"handsfree" = "";
|
|
||||||
"headset" = "";
|
|
||||||
"phone" = "";
|
|
||||||
"portable" = "";
|
|
||||||
"car" = "";
|
|
||||||
"default" = ["" "" ""];
|
|
||||||
};
|
|
||||||
# TODO: toggle mute?
|
# TODO: toggle mute?
|
||||||
"on-click" = "pavucontrol";
|
"on-click" = "${pkgs.pavucontrol}/bin/pavucontrol";
|
||||||
|
"justify" = "center";
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
style = let
|
style = let
|
||||||
border-width = "0px";
|
border-width = "0px";
|
||||||
in
|
in
|
||||||
with colors.withHashPrefix; ''
|
with style.colors.withHashPrefix; ''
|
||||||
* {
|
* {
|
||||||
border-radius: 0;
|
border-radius: 0;
|
||||||
font-family: "${font.name}", "Symbols Nerd Font Mono", sans-serif;
|
font-family: "${style.font.name}", "Symbols Nerd Font Mono", sans-serif;
|
||||||
font-size: 16px;
|
font-size: 16px;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -1,7 +1,7 @@
|
||||||
{
|
{
|
||||||
disko,
|
disko,
|
||||||
sops-nix,
|
sops-nix,
|
||||||
colors,
|
style,
|
||||||
flakeInputs,
|
flakeInputs,
|
||||||
homeManagerModules,
|
homeManagerModules,
|
||||||
home-manager,
|
home-manager,
|
||||||
|
@ -11,6 +11,124 @@
|
||||||
pubkey,
|
pubkey,
|
||||||
overlays,
|
overlays,
|
||||||
}: {
|
}: {
|
||||||
|
ewwbar = {pkgs, ...}: {
|
||||||
|
# imports = with nixosModules; [];
|
||||||
|
environment.systemPackages = with pkgs; [eww upower jq];
|
||||||
|
|
||||||
|
# TODO: include the home-manager modules for daniel?
|
||||||
|
};
|
||||||
|
|
||||||
|
hyprland = {pkgs, ...}: {
|
||||||
|
imports = with nixosModules; [
|
||||||
|
ewwbar
|
||||||
|
pipewire
|
||||||
|
];
|
||||||
|
|
||||||
|
programs.hyprland = {
|
||||||
|
enable = true;
|
||||||
|
};
|
||||||
|
environment.systemPackages = with pkgs; [hyprpaper xwaylandvideobridge socat];
|
||||||
|
|
||||||
|
programs.hyprland = {
|
||||||
|
package = flakeInputs.hyprland.packages.${pkgs.system}.hyprland;
|
||||||
|
};
|
||||||
|
|
||||||
|
# TODO: include the home-manager modules for daniel?
|
||||||
|
};
|
||||||
|
|
||||||
|
sway = {pkgs, ...}: {
|
||||||
|
imports = with nixosModules; [
|
||||||
|
pipewire
|
||||||
|
];
|
||||||
|
|
||||||
|
home-manager.users.daniel = {
|
||||||
|
imports = with homeManagerModules; [
|
||||||
|
sway
|
||||||
|
];
|
||||||
|
};
|
||||||
|
|
||||||
|
programs.sway = {
|
||||||
|
enable = true;
|
||||||
|
wrapperFeatures.gtk = true;
|
||||||
|
};
|
||||||
|
|
||||||
|
# services.xserver.libinput.enable = true;
|
||||||
|
|
||||||
|
# TODO: a lot of this probably needs de-duping with hyprland?
|
||||||
|
|
||||||
|
services.gnome.gnome-keyring.enable = true;
|
||||||
|
|
||||||
|
xdg.portal = {
|
||||||
|
enable = true;
|
||||||
|
wlr.enable = true;
|
||||||
|
|
||||||
|
extraPortals = with pkgs; [
|
||||||
|
xdg-desktop-portal-wlr
|
||||||
|
];
|
||||||
|
};
|
||||||
|
|
||||||
|
services.dbus.enable = true;
|
||||||
|
security.polkit.enable = true; # needed for home-manager integration
|
||||||
|
|
||||||
|
programs.thunar = {
|
||||||
|
enable = true;
|
||||||
|
plugins = with pkgs.xfce; [thunar-archive-plugin thunar-volman];
|
||||||
|
};
|
||||||
|
|
||||||
|
services.gvfs = {
|
||||||
|
enable = true;
|
||||||
|
};
|
||||||
|
|
||||||
|
environment = {
|
||||||
|
variables = {
|
||||||
|
VISUAL = "hx";
|
||||||
|
PAGER = "less";
|
||||||
|
MANPAGER = "less";
|
||||||
|
};
|
||||||
|
|
||||||
|
systemPackages = with pkgs; [
|
||||||
|
brightnessctl
|
||||||
|
feh
|
||||||
|
grim
|
||||||
|
libinput
|
||||||
|
libinput-gestures
|
||||||
|
libnotify
|
||||||
|
mako
|
||||||
|
noto-fonts
|
||||||
|
pamixer
|
||||||
|
playerctl
|
||||||
|
pulseaudio
|
||||||
|
pulsemixer
|
||||||
|
slurp
|
||||||
|
swaybg
|
||||||
|
swayidle
|
||||||
|
swaylock
|
||||||
|
swayosd
|
||||||
|
tofi
|
||||||
|
waybar
|
||||||
|
wl-clipboard
|
||||||
|
zathura
|
||||||
|
|
||||||
|
/*
|
||||||
|
gimp
|
||||||
|
inkscape
|
||||||
|
krita
|
||||||
|
lutris
|
||||||
|
nil
|
||||||
|
nixpkgs-fmt
|
||||||
|
pavucontrol
|
||||||
|
rclone
|
||||||
|
restic
|
||||||
|
steam
|
||||||
|
vlc
|
||||||
|
vulkan-tools
|
||||||
|
weechat
|
||||||
|
wine
|
||||||
|
*/
|
||||||
|
];
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
deno-netlify-ddns-client = import ./deno-netlify-ddns-client.nix;
|
deno-netlify-ddns-client = import ./deno-netlify-ddns-client.nix;
|
||||||
|
|
||||||
fallback-hostname = {lib, ...}: {
|
fallback-hostname = {lib, ...}: {
|
||||||
|
@ -123,9 +241,11 @@
|
||||||
file
|
file
|
||||||
iputils
|
iputils
|
||||||
nettools
|
nettools
|
||||||
# nodePackages.bash-language-server # just pull in as needed?
|
/*
|
||||||
# shellcheck
|
nodePackages.bash-language-server # just pull in as needed?
|
||||||
# shfmt
|
shellcheck
|
||||||
|
shfmt
|
||||||
|
*/
|
||||||
killall
|
killall
|
||||||
ripgrep
|
ripgrep
|
||||||
rsync
|
rsync
|
||||||
|
@ -154,9 +274,11 @@
|
||||||
pkgs,
|
pkgs,
|
||||||
...
|
...
|
||||||
}: {
|
}: {
|
||||||
# https://nixos.wiki/wiki/Remote_disk_unlocking
|
/*
|
||||||
# "When using DHCP, make sure your computer is always attached to the network and is able to get an IP adress, or the boot process will hang."
|
https://nixos.wiki/wiki/Remote_disk_unlocking
|
||||||
# ^ seems less than ideal
|
"When using DHCP, make sure your computer is always attached to the network and is able to get an IP adress, or the boot process will hang."
|
||||||
|
^ seems less than ideal
|
||||||
|
*/
|
||||||
boot.kernelParams = ["ip=dhcp"];
|
boot.kernelParams = ["ip=dhcp"];
|
||||||
boot.initrd = {
|
boot.initrd = {
|
||||||
# availableKernelModules = ["r8169"]; # ethernet drivers
|
# availableKernelModules = ["r8169"]; # ethernet drivers
|
||||||
|
@ -186,22 +308,26 @@
|
||||||
settings = {
|
settings = {
|
||||||
PasswordAuthentication = false;
|
PasswordAuthentication = false;
|
||||||
KbdInteractiveAuthentication = false;
|
KbdInteractiveAuthentication = false;
|
||||||
PermitRootLogin = "prohibit-password";
|
PermitRootLogin = lib.mkForce "prohibit-password";
|
||||||
};
|
};
|
||||||
|
|
||||||
openFirewall = lib.mkDefault true;
|
openFirewall = lib.mkDefault true;
|
||||||
|
|
||||||
# listenAddresses = [
|
/*
|
||||||
# { addr = "0.0.0.0"; port = 22; }
|
listenAddresses = [
|
||||||
# ];
|
{ addr = "0.0.0.0"; port = 22; }
|
||||||
|
];
|
||||||
|
*/
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
password-manager = {pkgs, ...}: {
|
password-manager = {pkgs, ...}: {
|
||||||
# programs.goldwarden = {
|
/*
|
||||||
# NOTE: This didn't seem to work for me, but would be awesome!
|
programs.goldwarden = {
|
||||||
# enable = true;
|
## NOTE: This didn't seem to work for me, but would be awesome! (but I can't remember why?)
|
||||||
# };
|
enable = true;
|
||||||
|
};
|
||||||
|
*/
|
||||||
|
|
||||||
home-manager.users.daniel = {
|
home-manager.users.daniel = {
|
||||||
imports = with homeManagerModules; [
|
imports = with homeManagerModules; [
|
||||||
|
@ -225,6 +351,10 @@
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
|
cross-compiler = {config, ...}: {
|
||||||
|
boot.binfmt.emulatedSystems = ["aarch64-linux" "i686-linux"];
|
||||||
|
};
|
||||||
|
|
||||||
default-nix-configuration-and-overlays = {
|
default-nix-configuration-and-overlays = {
|
||||||
lib,
|
lib,
|
||||||
config,
|
config,
|
||||||
|
@ -247,12 +377,14 @@
|
||||||
trusted-users = ["root" "daniel"];
|
trusted-users = ["root" "daniel"];
|
||||||
experimental-features = lib.mkDefault ["nix-command" "flakes"];
|
experimental-features = lib.mkDefault ["nix-command" "flakes"];
|
||||||
|
|
||||||
|
extra-platforms = ["i686-linux" "aarch64-linux"];
|
||||||
|
|
||||||
substituters = [
|
substituters = [
|
||||||
# TODO: dedupe with flake's config? is that even necessary?
|
# TODO: dedupe with flake's config? is that even necessary?
|
||||||
"https://cache.nixos.org/"
|
"https://cache.nixos.org/"
|
||||||
"https://helix.cachix.org"
|
"https://helix.cachix.org"
|
||||||
"https://nix-community.cachix.org"
|
"https://nix-community.cachix.org"
|
||||||
# "https://nix.h.lyte.dev"
|
"https://nix.h.lyte.dev"
|
||||||
"https://hyprland.cachix.org"
|
"https://hyprland.cachix.org"
|
||||||
];
|
];
|
||||||
trusted-public-keys = [
|
trusted-public-keys = [
|
||||||
|
@ -278,6 +410,19 @@
|
||||||
ACTION=="add", SUBSYSTEM=="backlight", RUN+="${pkgs.coreutils}/bin/chgrp video /sys/class/backlight/%k/brightness"
|
ACTION=="add", SUBSYSTEM=="backlight", RUN+="${pkgs.coreutils}/bin/chgrp video /sys/class/backlight/%k/brightness"
|
||||||
ACTION=="add", SUBSYSTEM=="backlight", RUN+="${pkgs.coreutils}/bin/chmod g+w /sys/class/backlight/%k/brightness"
|
ACTION=="add", SUBSYSTEM=="backlight", RUN+="${pkgs.coreutils}/bin/chmod g+w /sys/class/backlight/%k/brightness"
|
||||||
'';
|
'';
|
||||||
|
|
||||||
|
services.upower.enable = true;
|
||||||
|
|
||||||
|
# NOTE: I previously let plasma settings handle this
|
||||||
|
services.logind = {
|
||||||
|
lidSwitch = "suspend-then-hibernate";
|
||||||
|
extraConfig = ''
|
||||||
|
HandleLidSwitchDocked=ignore
|
||||||
|
HandlePowerKey=suspend-then-hibernate
|
||||||
|
IdleActionSec=11m
|
||||||
|
IdleAction=suspend-then-hibernate
|
||||||
|
'';
|
||||||
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
emacs = {pkgs, ...}: {
|
emacs = {pkgs, ...}: {
|
||||||
|
@ -303,9 +448,11 @@
|
||||||
environment.sessionVariables.NIXOS_OZONE_WL = "1";
|
environment.sessionVariables.NIXOS_OZONE_WL = "1";
|
||||||
programs.neovim = {
|
programs.neovim = {
|
||||||
enable = true;
|
enable = true;
|
||||||
# plugins = [
|
/*
|
||||||
# pkgs.vimPlugins.nvim-treesitter.withAllGrammars
|
plugins = [
|
||||||
# ];
|
pkgs.vimPlugins.nvim-treesitter.withAllGrammars
|
||||||
|
];
|
||||||
|
*/
|
||||||
};
|
};
|
||||||
|
|
||||||
environment.systemPackages = with pkgs; [
|
environment.systemPackages = with pkgs; [
|
||||||
|
@ -400,6 +547,8 @@
|
||||||
|
|
||||||
troubleshooting-tools = {pkgs, ...}: {
|
troubleshooting-tools = {pkgs, ...}: {
|
||||||
environment.systemPackages = with pkgs; [
|
environment.systemPackages = with pkgs; [
|
||||||
|
comma
|
||||||
|
iftop
|
||||||
bottom
|
bottom
|
||||||
btop
|
btop
|
||||||
dnsutils
|
dnsutils
|
||||||
|
@ -411,6 +560,7 @@
|
||||||
hexyl
|
hexyl
|
||||||
pkgs.unixtools.xxd
|
pkgs.unixtools.xxd
|
||||||
usbutils
|
usbutils
|
||||||
|
comma
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
|
|
||||||
|
@ -440,13 +590,15 @@
|
||||||
...
|
...
|
||||||
}: {
|
}: {
|
||||||
imports = with nixosModules; [
|
imports = with nixosModules; [
|
||||||
plasma6
|
sway
|
||||||
|
# hyprland
|
||||||
enable-flatpaks-and-appimages
|
enable-flatpaks-and-appimages
|
||||||
fonts
|
fonts
|
||||||
development-tools
|
development-tools
|
||||||
printing
|
printing
|
||||||
music-consumption
|
music-consumption
|
||||||
video-tools
|
video-tools
|
||||||
|
radio-tools
|
||||||
];
|
];
|
||||||
|
|
||||||
xdg.portal.enable = true;
|
xdg.portal.enable = true;
|
||||||
|
@ -456,8 +608,10 @@
|
||||||
then {
|
then {
|
||||||
graphics = {
|
graphics = {
|
||||||
enable = true;
|
enable = true;
|
||||||
# driSupport32Bit = true;
|
/*
|
||||||
# driSupport = true;
|
driSupport32Bit = true;
|
||||||
|
driSupport = true;
|
||||||
|
*/
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
|
@ -473,24 +627,35 @@
|
||||||
slides
|
slides
|
||||||
];
|
];
|
||||||
variables = {
|
variables = {
|
||||||
# GTK_THEME = "Catppuccin-Mocha-Compact-Sapphire-Dark";
|
/*
|
||||||
# GTK_USE_PORTAL = "1";
|
GTK_THEME = "Catppuccin-Mocha-Compact-Sapphire-Dark";
|
||||||
|
GTK_USE_PORTAL = "1";
|
||||||
|
*/
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
# ewwbar = {};
|
|
||||||
# gnome = {};
|
# gnome = {};
|
||||||
# hyprland = {};
|
|
||||||
# intel = {};
|
# intel = {};
|
||||||
|
|
||||||
|
radio-tools = {pkgs, ...}: {
|
||||||
|
environment = {
|
||||||
|
systemPackages = with pkgs; [
|
||||||
|
chirp
|
||||||
|
];
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
kde-connect = {
|
kde-connect = {
|
||||||
programs.kdeconnect.enable = true;
|
programs.kdeconnect.enable = true;
|
||||||
|
|
||||||
# networking.firewall = {
|
/*
|
||||||
# allowedTCPPortRanges = [ { from = 1714; to = 1764; } ];
|
# handled by enabling
|
||||||
# allowedUDPPortRanges = [ { from = 1714; to = 1764; } ];
|
networking.firewall = {
|
||||||
# };
|
allowedTCPPortRanges = [ { from = 1714; to = 1764; } ];
|
||||||
|
allowedUDPPortRanges = [ { from = 1714; to = 1764; } ];
|
||||||
|
};
|
||||||
|
*/
|
||||||
};
|
};
|
||||||
|
|
||||||
fonts = {pkgs, ...}: {
|
fonts = {pkgs, ...}: {
|
||||||
|
@ -535,21 +700,24 @@
|
||||||
maliit-framework
|
maliit-framework
|
||||||
|
|
||||||
kdePackages.kate
|
kdePackages.kate
|
||||||
# kdePackages.kdenlive
|
|
||||||
# kdePackages.merkuro
|
|
||||||
kdePackages.kcalc
|
kdePackages.kcalc
|
||||||
# kdePackages.neochat
|
|
||||||
kdePackages.filelight
|
kdePackages.filelight
|
||||||
kdePackages.krdc
|
kdePackages.krdc
|
||||||
kdePackages.krfb
|
kdePackages.krfb
|
||||||
kdePackages.kclock
|
kdePackages.kclock
|
||||||
kdePackages.kweather
|
kdePackages.kweather
|
||||||
kdePackages.ktorrent
|
kdePackages.ktorrent
|
||||||
# kdePackages.kdevelop
|
|
||||||
# kdePackages.kdialog
|
|
||||||
kdePackages.kdeplasma-addons
|
kdePackages.kdeplasma-addons
|
||||||
|
|
||||||
unstable-packages.kdePackages.krdp
|
unstable-packages.kdePackages.krdp
|
||||||
|
|
||||||
|
/*
|
||||||
|
kdePackages.kdenlive
|
||||||
|
kdePackages.merkuro
|
||||||
|
kdePackages.neochat
|
||||||
|
kdePackages.kdevelop
|
||||||
|
kdePackages.kdialog
|
||||||
|
*/
|
||||||
];
|
];
|
||||||
|
|
||||||
programs.gnupg.agent.pinentryPackage = pkgs.pinentry-tty;
|
programs.gnupg.agent.pinentryPackage = pkgs.pinentry-tty;
|
||||||
|
@ -630,50 +798,56 @@
|
||||||
}
|
}
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
# extraConfig.pipewire."92-low-latency" = {
|
/*
|
||||||
# context.properties = {
|
extraConfig.pipewire."92-low-latency" = {
|
||||||
# default.clock.rate = 48000;
|
context.properties = {
|
||||||
# default.clock.quantum = 32;
|
default.clock.rate = 48000;
|
||||||
# default.clock.min-quantum = 32;
|
default.clock.quantum = 32;
|
||||||
# default.clock.max-quantum = 32;
|
default.clock.min-quantum = 32;
|
||||||
# };
|
default.clock.max-quantum = 32;
|
||||||
# };
|
};
|
||||||
|
};
|
||||||
|
*/
|
||||||
};
|
};
|
||||||
|
|
||||||
# recommended by https://nixos.wiki/wiki/PipeWire
|
# recommended by https://nixos.wiki/wiki/PipeWire
|
||||||
security.rtkit.enable = true;
|
security.rtkit.enable = true;
|
||||||
|
|
||||||
# services.pipewire = {
|
/*
|
||||||
# enable = true;
|
services.pipewire = {
|
||||||
|
enable = true;
|
||||||
|
|
||||||
# wireplumber.enable = true;
|
wireplumber.enable = true;
|
||||||
# pulse.enable = true;
|
pulse.enable = true;
|
||||||
# jack.enable = true;
|
jack.enable = true;
|
||||||
|
|
||||||
# alsa = {
|
alsa = {
|
||||||
# enable = true;
|
enable = true;
|
||||||
# support32Bit = true;
|
support32Bit = true;
|
||||||
# };
|
};
|
||||||
# };
|
};
|
||||||
|
|
||||||
# hardware = {
|
hardware = {
|
||||||
# pulseaudio = {
|
pulseaudio = {
|
||||||
# enable = false;
|
enable = false;
|
||||||
# support32Bit = true;
|
support32Bit = true;
|
||||||
# };
|
};
|
||||||
# };
|
};
|
||||||
|
|
||||||
# security = {
|
security = {
|
||||||
# # I forget why I need these exactly...
|
# I forget why I need these exactly...
|
||||||
# polkit.enable = true;
|
polkit.enable = true;
|
||||||
|
|
||||||
# rtkit.enable = true;
|
rtkit.enable = true;
|
||||||
# };
|
};
|
||||||
|
*/
|
||||||
};
|
};
|
||||||
|
|
||||||
music-production = {pkgs, ...}: {
|
music-production = {pkgs, ...}: {
|
||||||
# TODO: may want to force nixpkgs-stable for a more-stable music production
|
/*
|
||||||
# environment?
|
TODO: may want to force nixpkgs-stable for a more-stable music production
|
||||||
|
environment?
|
||||||
|
*/
|
||||||
imports = [
|
imports = [
|
||||||
{
|
{
|
||||||
environment.systemPackages = with pkgs; [
|
environment.systemPackages = with pkgs; [
|
||||||
|
@ -684,11 +858,12 @@
|
||||||
}
|
}
|
||||||
];
|
];
|
||||||
|
|
||||||
# TODO: things to look into for music production:
|
/*
|
||||||
# - https://linuxmusicians.com/viewtopic.php?t=27016
|
TODO: things to look into for music production:
|
||||||
# - KXStudio?
|
- https://linuxmusicians.com/viewtopic.php?t=27016
|
||||||
# - falktx (https://github.com/DISTRHO/Cardinal)
|
- KXStudio?
|
||||||
# -
|
- falktx (https://github.com/DISTRHO/Cardinal)
|
||||||
|
*/
|
||||||
};
|
};
|
||||||
|
|
||||||
podman = {pkgs, ...}: {
|
podman = {pkgs, ...}: {
|
||||||
|
@ -713,6 +888,15 @@
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
|
virtual-machines = {pkgs, ...}: {
|
||||||
|
virtualisation.libvirtd.enable = true;
|
||||||
|
users.users.daniel.extraGroups = ["libvirtd"];
|
||||||
|
};
|
||||||
|
|
||||||
|
virtual-machines-gui = {pkgs, ...}: {
|
||||||
|
programs.virt-manager.enable = true;
|
||||||
|
};
|
||||||
|
|
||||||
postgres = {pkgs, ...}: {
|
postgres = {pkgs, ...}: {
|
||||||
# this is really just for development usage
|
# this is really just for development usage
|
||||||
services.postgresql = {
|
services.postgresql = {
|
||||||
|
@ -771,8 +955,6 @@
|
||||||
services.printing.drivers = [pkgs.gutenprint];
|
services.printing.drivers = [pkgs.gutenprint];
|
||||||
};
|
};
|
||||||
|
|
||||||
sway = {};
|
|
||||||
|
|
||||||
enable-flatpaks-and-appimages = {
|
enable-flatpaks-and-appimages = {
|
||||||
services.flatpak.enable = true;
|
services.flatpak.enable = true;
|
||||||
programs.appimage.binfmt = true;
|
programs.appimage.binfmt = true;
|
||||||
|
@ -784,9 +966,15 @@
|
||||||
networking.networkmanager.enable = mkDefault true;
|
networking.networkmanager.enable = mkDefault true;
|
||||||
systemd.services.NetworkManager-wait-online.enable = mkDefault false;
|
systemd.services.NetworkManager-wait-online.enable = mkDefault false;
|
||||||
|
|
||||||
# TODO: networking.networkmanager.wifi.backend = "iwd"; ?
|
/*
|
||||||
# TODO: powersave?
|
TODO: networking.networkmanager.wifi.backend = "iwd"; ?
|
||||||
# TODO: can I pre-configure my usual wifi networks with SSIDs and PSKs loaded from secrets?
|
TODO: powersave?
|
||||||
|
TODO: can I pre-configure my usual wifi networks with SSIDs and PSKs loaded from secrets?
|
||||||
|
*/
|
||||||
|
hardware.wirelessRegulatoryDatabase = true;
|
||||||
|
boot.extraModprobeConfig = ''
|
||||||
|
options cfg80211 ieee80211_regdom="US"
|
||||||
|
'';
|
||||||
};
|
};
|
||||||
|
|
||||||
steam = {pkgs, ...}: {
|
steam = {pkgs, ...}: {
|
||||||
|
@ -794,12 +982,15 @@
|
||||||
|
|
||||||
programs.steam = {
|
programs.steam = {
|
||||||
enable = true;
|
enable = true;
|
||||||
# extest.enable = true;
|
|
||||||
# gamescopeSession.enable = true;
|
|
||||||
|
|
||||||
# extraPackages = with pkgs; [
|
/*
|
||||||
# gamescope
|
extest.enable = true;
|
||||||
# ];
|
gamescopeSession.enable = true;
|
||||||
|
|
||||||
|
extraPackages = with pkgs; [
|
||||||
|
gamescope
|
||||||
|
];
|
||||||
|
*/
|
||||||
|
|
||||||
extraCompatPackages = with pkgs; [
|
extraCompatPackages = with pkgs; [
|
||||||
proton-ge-bin
|
proton-ge-bin
|
||||||
|
@ -817,8 +1008,10 @@
|
||||||
];
|
];
|
||||||
|
|
||||||
# remote play ports - should be unnecessary due to programs.steam.remotePlay.openFirewall = true;
|
# remote play ports - should be unnecessary due to programs.steam.remotePlay.openFirewall = true;
|
||||||
# networking.firewall.allowedUDPPortRanges = [ { from = 27031; to = 27036; } ];
|
/*
|
||||||
# networking.firewall.allowedTCPPortRanges = [ { from = 27036; to = 27037; } ];
|
networking.firewall.allowedUDPPortRanges = [ { from = 27031; to = 27036; } ];
|
||||||
|
networking.firewall.allowedTCPPortRanges = [ { from = 27036; to = 27037; } ];
|
||||||
|
*/
|
||||||
};
|
};
|
||||||
|
|
||||||
root = {
|
root = {
|
||||||
|
@ -957,41 +1150,43 @@
|
||||||
boot.tmp.cleanOnBoot = true;
|
boot.tmp.cleanOnBoot = true;
|
||||||
services.irqbalance.enable = true;
|
services.irqbalance.enable = true;
|
||||||
|
|
||||||
services.kanidm = {
|
# this is not ready for primetime yet
|
||||||
enableClient = true;
|
# services.kanidm = {
|
||||||
enablePam = true;
|
# enableClient = true;
|
||||||
package = pkgs.kanidm;
|
# enablePam = true;
|
||||||
|
# package = pkgs.kanidm;
|
||||||
|
|
||||||
clientSettings.uri = "https://idm.h.lyte.dev";
|
# clientSettings.uri = "https://idm.h.lyte.dev";
|
||||||
unixSettings = {
|
# unixSettings = {
|
||||||
# hsm_pin_path = "/somewhere/else";
|
# # hsm_pin_path = "/somewhere/else";
|
||||||
pam_allowed_login_groups = [];
|
# pam_allowed_login_groups = [];
|
||||||
};
|
# };
|
||||||
};
|
# };
|
||||||
|
# systemd.tmpfiles.rules = [
|
||||||
systemd.tmpfiles.rules = [
|
# "d /etc/kanidm 1755 nobody users -"
|
||||||
"d /etc/kanidm 1755 nobody users -"
|
# ];
|
||||||
];
|
|
||||||
|
|
||||||
# module has the incorrect file permissions out of the box
|
# module has the incorrect file permissions out of the box
|
||||||
environment.etc = {
|
# environment.etc = {
|
||||||
# "kanidm" = {
|
/*
|
||||||
# enable = true;
|
"kanidm" = {
|
||||||
# user = "nobody";
|
enable = true;
|
||||||
# group = "users";
|
user = "nobody";
|
||||||
# mode = "0755";
|
group = "users";
|
||||||
# };
|
mode = "0755";
|
||||||
"kanidm/unixd" = {
|
|
||||||
user = "kanidm-unixd";
|
|
||||||
group = "kanidm-unixd";
|
|
||||||
mode = "0700";
|
|
||||||
};
|
|
||||||
"kanidm/config" = {
|
|
||||||
user = "nobody";
|
|
||||||
group = "users";
|
|
||||||
mode = "0755";
|
|
||||||
};
|
|
||||||
};
|
};
|
||||||
|
*/
|
||||||
|
# "kanidm/unixd" = {
|
||||||
|
# user = "kanidm-unixd";
|
||||||
|
# group = "kanidm-unixd";
|
||||||
|
# mode = "0700";
|
||||||
|
# };
|
||||||
|
# "kanidm/config" = {
|
||||||
|
# user = "nobody";
|
||||||
|
# group = "users";
|
||||||
|
# mode = "0755";
|
||||||
|
# };
|
||||||
|
# };
|
||||||
|
|
||||||
programs.gnupg.agent = {
|
programs.gnupg.agent = {
|
||||||
enable = true;
|
enable = true;
|
||||||
|
@ -999,7 +1194,7 @@
|
||||||
};
|
};
|
||||||
|
|
||||||
time = {
|
time = {
|
||||||
timeZone = lib.mkDefault "America/Chicago";
|
timeZone = "America/Chicago";
|
||||||
};
|
};
|
||||||
|
|
||||||
i18n = {
|
i18n = {
|
||||||
|
@ -1022,7 +1217,7 @@
|
||||||
useXkbConfig = lib.mkDefault true;
|
useXkbConfig = lib.mkDefault true;
|
||||||
earlySetup = lib.mkDefault true;
|
earlySetup = lib.mkDefault true;
|
||||||
|
|
||||||
colors = with colors; [
|
colors = with style.colors; [
|
||||||
bg
|
bg
|
||||||
red
|
red
|
||||||
green
|
green
|
||||||
|
@ -1050,7 +1245,6 @@
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
|
|
||||||
system.stateVersion = lib.mkDefault "24.05";
|
system.stateVersion = lib.mkDefault "24.05";
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
|
@ -31,7 +31,7 @@ in {
|
||||||
requestTimeout = mkOption {
|
requestTimeout = mkOption {
|
||||||
type = types.int;
|
type = types.int;
|
||||||
description = "The maximum number of seconds before the HTTP request times out.";
|
description = "The maximum number of seconds before the HTTP request times out.";
|
||||||
default = 30;
|
default = 180;
|
||||||
};
|
};
|
||||||
afterBootTime = mkOption {
|
afterBootTime = mkOption {
|
||||||
type = types.str;
|
type = types.str;
|
||||||
|
@ -64,18 +64,24 @@ in {
|
||||||
set -eu
|
set -eu
|
||||||
password="$(cat "${cfg.passwordFile}")"
|
password="$(cat "${cfg.passwordFile}")"
|
||||||
${optionalString cfg.ipv4 ''
|
${optionalString cfg.ipv4 ''
|
||||||
${pkgs.curl}/bin/curl -4 -s \
|
"${pkgs.curl}/bin/curl" -4 -s \
|
||||||
|
-vvv \
|
||||||
-X POST \
|
-X POST \
|
||||||
--max-time ${toString cfg.requestTimeout} \
|
--max-time ${toString cfg.requestTimeout} \
|
||||||
-u "${cfg.username}:''${password}" \
|
-u "${cfg.username}:''${password}" \
|
||||||
-L "${cfg.endpoint}/v1/netlify-ddns/replace-all-relevant-user-dns-records"
|
-L "${cfg.endpoint}/v1/netlify-ddns/replace-all-relevant-user-dns-records" 2>&1 \
|
||||||
|
| "${pkgs.sd}/bin/sd" --fixed-strings "''${password}" "[REDACTED]" \
|
||||||
|
| "${pkgs.sd}/bin/sd" -f i "Authorization: .*" "Authorization: [REST OF LINE REDACTED]"
|
||||||
''}
|
''}
|
||||||
${optionalString cfg.ipv6 ''
|
${optionalString cfg.ipv6 ''
|
||||||
${pkgs.curl}/bin/curl -6 -s \
|
${pkgs.curl}/bin/curl -6 -s \
|
||||||
|
-vvv \
|
||||||
-X POST \
|
-X POST \
|
||||||
--max-time ${toString cfg.requestTimeout} \
|
--max-time ${toString cfg.requestTimeout} \
|
||||||
-u "${cfg.username}:''${password}" \
|
-u "${cfg.username}:''${password}" \
|
||||||
-L "${cfg.endpoint}/v1/netlify-ddns/replace-all-relevant-user-dns-records"
|
-L "${cfg.endpoint}/v1/netlify-ddns/replace-all-relevant-user-dns-records" 2>&1 \
|
||||||
|
| "${pkgs.sd}/bin/sd" --fixed-strings "''${password}" "[REDACTED]" \
|
||||||
|
| "${pkgs.sd}/bin/sd" -f i "Authorization: .*" "Authorization: [REST OF LINE REDACTED]"
|
||||||
''}
|
''}
|
||||||
'';
|
'';
|
||||||
serviceConfig = {
|
serviceConfig = {
|
||||||
|
|
|
@ -1,3 +0,0 @@
|
||||||
{pkgs, ...}: {
|
|
||||||
environment.systemPackages = with pkgs; [eww upower jq];
|
|
||||||
}
|
|
|
@ -40,7 +40,6 @@
|
||||||
|
|
||||||
environment = {
|
environment = {
|
||||||
variables = {
|
variables = {
|
||||||
GTK_THEME = "Catppuccin-Mocha-Compact-Sapphire-Dark";
|
|
||||||
VISUAL = "hx";
|
VISUAL = "hx";
|
||||||
PAGER = "less";
|
PAGER = "less";
|
||||||
MANPAGER = "less";
|
MANPAGER = "less";
|
||||||
|
@ -50,36 +49,35 @@
|
||||||
gnome.gnome-power-manager
|
gnome.gnome-power-manager
|
||||||
brightnessctl
|
brightnessctl
|
||||||
feh
|
feh
|
||||||
# gimp
|
|
||||||
grim
|
grim
|
||||||
# inkscape
|
|
||||||
# krita
|
|
||||||
libinput
|
libinput
|
||||||
libinput-gestures
|
libinput-gestures
|
||||||
libnotify
|
libnotify
|
||||||
# lutris
|
|
||||||
# nil
|
|
||||||
# nixpkgs-fmt
|
|
||||||
noto-fonts
|
noto-fonts
|
||||||
pamixer
|
pamixer
|
||||||
# pavucontrol
|
|
||||||
playerctl
|
playerctl
|
||||||
# pulseaudio
|
|
||||||
pulsemixer
|
pulsemixer
|
||||||
# rclone
|
|
||||||
# restic
|
|
||||||
slurp
|
slurp
|
||||||
# steam
|
|
||||||
swaybg
|
swaybg
|
||||||
swayidle
|
swayidle
|
||||||
swaylock
|
swaylock
|
||||||
# vlc
|
|
||||||
# vulkan-tools
|
|
||||||
waybar
|
waybar
|
||||||
# weechat
|
|
||||||
# wine
|
|
||||||
wl-clipboard
|
wl-clipboard
|
||||||
zathura
|
zathura
|
||||||
|
/*
|
||||||
|
gimp
|
||||||
|
inkscape
|
||||||
|
krita
|
||||||
|
pavucontrol
|
||||||
|
pulseaudio
|
||||||
|
rclone
|
||||||
|
restic
|
||||||
|
steam
|
||||||
|
vlc
|
||||||
|
vulkan-tools
|
||||||
|
weechat
|
||||||
|
wine
|
||||||
|
*/
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,17 +0,0 @@
|
||||||
{
|
|
||||||
inputs,
|
|
||||||
pkgs,
|
|
||||||
...
|
|
||||||
}: {
|
|
||||||
imports = [
|
|
||||||
./ewwbar.nix
|
|
||||||
./pipewire.nix
|
|
||||||
{
|
|
||||||
programs.hyprland = {
|
|
||||||
enable = true;
|
|
||||||
package = inputs.hyprland.packages.${pkgs.system}.hyprland;
|
|
||||||
};
|
|
||||||
environment.systemPackages = with pkgs; [hyprpaper xwaylandvideobridge socat];
|
|
||||||
}
|
|
||||||
];
|
|
||||||
}
|
|
|
@ -1,81 +0,0 @@
|
||||||
{pkgs, ...}: {
|
|
||||||
imports = [
|
|
||||||
./pipewire.nix
|
|
||||||
];
|
|
||||||
|
|
||||||
programs.sway = {
|
|
||||||
enable = true;
|
|
||||||
wrapperFeatures.gtk = true;
|
|
||||||
};
|
|
||||||
|
|
||||||
# services.xserver.libinput.enable = true;
|
|
||||||
|
|
||||||
services.gnome.gnome-keyring.enable = true;
|
|
||||||
|
|
||||||
xdg.portal = {
|
|
||||||
enable = true;
|
|
||||||
wlr.enable = true;
|
|
||||||
|
|
||||||
extraPortals = with pkgs; [
|
|
||||||
xdg-desktop-portal-wlr
|
|
||||||
];
|
|
||||||
};
|
|
||||||
|
|
||||||
services.dbus.enable = true;
|
|
||||||
|
|
||||||
programs.thunar = {
|
|
||||||
enable = true;
|
|
||||||
plugins = with pkgs.xfce; [thunar-archive-plugin thunar-volman];
|
|
||||||
};
|
|
||||||
|
|
||||||
services.gvfs = {
|
|
||||||
enable = true;
|
|
||||||
};
|
|
||||||
|
|
||||||
environment = {
|
|
||||||
variables = {
|
|
||||||
GTK_THEME = "Catppuccin-Mocha-Compact-Sapphire-Dark";
|
|
||||||
VISUAL = "hx";
|
|
||||||
PAGER = "less";
|
|
||||||
MANPAGER = "less";
|
|
||||||
};
|
|
||||||
|
|
||||||
systemPackages = with pkgs; [
|
|
||||||
brightnessctl
|
|
||||||
feh
|
|
||||||
# gimp
|
|
||||||
grim
|
|
||||||
# inkscape
|
|
||||||
# krita
|
|
||||||
libinput
|
|
||||||
libinput-gestures
|
|
||||||
libnotify
|
|
||||||
# mako
|
|
||||||
# lutris
|
|
||||||
# nil
|
|
||||||
# nixpkgs-fmt
|
|
||||||
noto-fonts
|
|
||||||
pamixer
|
|
||||||
# pavucontrol
|
|
||||||
playerctl
|
|
||||||
pulseaudio
|
|
||||||
pulsemixer
|
|
||||||
# rclone
|
|
||||||
# restic
|
|
||||||
slurp
|
|
||||||
# steam
|
|
||||||
swaybg
|
|
||||||
swayidle
|
|
||||||
swaylock
|
|
||||||
swayosd
|
|
||||||
tofi
|
|
||||||
# vlc
|
|
||||||
# vulkan-tools
|
|
||||||
waybar
|
|
||||||
# weechat
|
|
||||||
# wine
|
|
||||||
wl-clipboard
|
|
||||||
zathura
|
|
||||||
];
|
|
||||||
};
|
|
||||||
}
|
|
2596
nixos/beefcake.nix
2596
nixos/beefcake.nix
File diff suppressed because it is too large
Load diff
|
@ -40,21 +40,23 @@
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
# networking = {
|
/*
|
||||||
# firewall = let
|
networking = {
|
||||||
# terraria = 7777;
|
firewall = let
|
||||||
# stardew-valley = 24642;
|
terraria = 7777;
|
||||||
# web-dev-lan = 18888;
|
stardew-valley = 24642;
|
||||||
# ports = [
|
web-dev-lan = 18888;
|
||||||
# terraria
|
ports = [
|
||||||
# stardew-valley
|
terraria
|
||||||
# web-dev-lan
|
stardew-valley
|
||||||
# ];
|
web-dev-lan
|
||||||
# in {
|
];
|
||||||
# allowedTCPPorts = ports;
|
in {
|
||||||
# allowedUDPPorts = ports;
|
allowedTCPPorts = ports;
|
||||||
# };
|
allowedUDPPorts = ports;
|
||||||
# };
|
};
|
||||||
|
};
|
||||||
|
*/
|
||||||
|
|
||||||
environment.systemPackages = with pkgs; [
|
environment.systemPackages = with pkgs; [
|
||||||
radeontop
|
radeontop
|
||||||
|
@ -63,69 +65,73 @@
|
||||||
];
|
];
|
||||||
|
|
||||||
home-manager.users.daniel = {
|
home-manager.users.daniel = {
|
||||||
# slippi-launcher = {
|
/*
|
||||||
# enable = true;
|
slippi-launcher = {
|
||||||
# # isoPath = "${config.home-manager.users.daniel.home.homeDirectory}/../games/roms/dolphin/melee.iso";
|
enable = true;
|
||||||
# launchMeleeOnPlay = false;
|
# isoPath = "${config.home-manager.users.daniel.home.homeDirectory}/../games/roms/dolphin/melee.iso";
|
||||||
# };
|
launchMeleeOnPlay = false;
|
||||||
|
};
|
||||||
|
*/
|
||||||
|
|
||||||
# TODO: monitor config module?
|
# TODO: monitor config module?
|
||||||
# wayland.windowManager.hyprland = {
|
/*
|
||||||
# settings = {
|
wayland.windowManager.hyprland = {
|
||||||
# env = [
|
settings = {
|
||||||
# "EWW_BAR_MON,1"
|
env = [
|
||||||
# ];
|
"EWW_BAR_MON,1"
|
||||||
# # See https://wiki.hyprland.org/Configuring/Keywords/ for more
|
];
|
||||||
# monitor = [
|
# See https://wiki.hyprland.org/Configuring/Keywords/ for more
|
||||||
# # "DP-2,3840x2160@60,-2160x0,1,transform,3"
|
monitor = [
|
||||||
# "DP-3,3840x2160@120,${toString (builtins.ceil (2160 / 1.5))}x0,1"
|
# "DP-2,3840x2160@60,-2160x0,1,transform,3"
|
||||||
# # HDR breaks screenshare? "DP-3,3840x2160@120,${toString (builtins.ceil (2160 / 1.5))}x0,1,bitdepth,10"
|
"DP-3,3840x2160@120,${toString (builtins.ceil (2160 / 1.5))}x0,1"
|
||||||
# # "desc:LG Display 0x0521,3840x2160@120,0x0,1"
|
## HDR breaks screenshare? "DP-3,3840x2160@120,${toString (builtins.ceil (2160 / 1.5))}x0,1,bitdepth,10"
|
||||||
# # "desc:Dell Inc. DELL U2720Q D3TM623,3840x2160@60,3840x0,1.5,transform,1"
|
## "desc:LG Display 0x0521,3840x2160@120,0x0,1"
|
||||||
# "DP-2,3840x2160@60,0x0,1.5,transform,1"
|
## "desc:Dell Inc. DELL U2720Q D3TM623,3840x2160@60,3840x0,1.5,transform,1"
|
||||||
# ];
|
"DP-2,3840x2160@60,0x0,1.5,transform,1"
|
||||||
# input = {
|
];
|
||||||
# force_no_accel = true;
|
input = {
|
||||||
# sensitivity = 1; # -1.0 - 1.0, 0 means no modification.
|
force_no_accel = true;
|
||||||
# };
|
sensitivity = 1; # -1.0 - 1.0, 0 means no modification.
|
||||||
# };
|
};
|
||||||
# };
|
};
|
||||||
|
};
|
||||||
|
|
||||||
# wayland.windowManager.sway = {
|
wayland.windowManager.sway = {
|
||||||
# config = {
|
config = {
|
||||||
# output = {
|
output = {
|
||||||
# "GIGA-BYTE TECHNOLOGY CO., LTD. AORUS FO48U 23070B000307" = {
|
"GIGA-BYTE TECHNOLOGY CO., LTD. AORUS FO48U 23070B000307" = {
|
||||||
# mode = "3840x2160@120Hz";
|
mode = "3840x2160@120Hz";
|
||||||
# position = "${toString (builtins.ceil (2160 / 1.5))},0";
|
position = "${toString (builtins.ceil (2160 / 1.5))},0";
|
||||||
# };
|
};
|
||||||
|
|
||||||
# "Dell Inc. DELL U2720Q D3TM623" = {
|
"Dell Inc. DELL U2720Q D3TM623" = {
|
||||||
# # desktop left vertical monitor
|
# desktop left vertical monitor
|
||||||
# mode = "3840x2160@60Hz";
|
mode = "3840x2160@60Hz";
|
||||||
# transform = "90";
|
transform = "90";
|
||||||
# scale = "1.5";
|
scale = "1.5";
|
||||||
# position = "0,0";
|
position = "0,0";
|
||||||
# };
|
};
|
||||||
# };
|
};
|
||||||
|
|
||||||
# workspaceOutputAssign =
|
workspaceOutputAssign =
|
||||||
# (
|
(
|
||||||
# map
|
map
|
||||||
# (ws: {
|
(ws: {
|
||||||
# output = "GIGA-BYTE TECHNOLOGY CO., LTD. AORUS FO48U 23070B000307";
|
output = "GIGA-BYTE TECHNOLOGY CO., LTD. AORUS FO48U 23070B000307";
|
||||||
# workspace = toString ws;
|
workspace = toString ws;
|
||||||
# })
|
})
|
||||||
# (lib.range 1 7)
|
(lib.range 1 7)
|
||||||
# )
|
)
|
||||||
# ++ (
|
++ (
|
||||||
# map
|
map
|
||||||
# (ws: {
|
(ws: {
|
||||||
# output = "Dell Inc. DELL U2720Q D3TM623";
|
output = "Dell Inc. DELL U2720Q D3TM623";
|
||||||
# workspace = toString ws;
|
workspace = toString ws;
|
||||||
# })
|
})
|
||||||
# (lib.range 8 9)
|
(lib.range 8 9)
|
||||||
# );
|
);
|
||||||
# };
|
};
|
||||||
# };
|
};
|
||||||
|
*/
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
131
nixos/dragon.nix
131
nixos/dragon.nix
|
@ -10,6 +10,26 @@
|
||||||
home-manager.users.daniel.home.stateVersion = "24.05";
|
home-manager.users.daniel.home.stateVersion = "24.05";
|
||||||
networking.hostName = "dragon";
|
networking.hostName = "dragon";
|
||||||
}
|
}
|
||||||
|
|
||||||
|
{
|
||||||
|
# sops secrets config
|
||||||
|
sops = {
|
||||||
|
defaultSopsFile = ../secrets/dragon/secrets.yml;
|
||||||
|
age = {
|
||||||
|
sshKeyPaths = ["/etc/ssh/ssh_host_ed25519_key"];
|
||||||
|
keyFile = "/var/lib/sops-nix/key.txt";
|
||||||
|
generateKey = true;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
||||||
|
{
|
||||||
|
sops.secrets = {
|
||||||
|
ddns-pass = {mode = "0400";};
|
||||||
|
};
|
||||||
|
services.deno-netlify-ddns-client = {
|
||||||
|
passwordFile = config.sops.secrets.ddns-pass.path;
|
||||||
|
};
|
||||||
|
}
|
||||||
];
|
];
|
||||||
hardware.graphics.extraPackages = [
|
hardware.graphics.extraPackages = [
|
||||||
# pkgs.rocmPackages.clr.icd
|
# pkgs.rocmPackages.clr.icd
|
||||||
|
@ -73,62 +93,65 @@
|
||||||
};
|
};
|
||||||
|
|
||||||
# TODO: monitor config module?
|
# TODO: monitor config module?
|
||||||
# wayland.windowManager.hyprland = {
|
wayland.windowManager.hyprland = {
|
||||||
# settings = {
|
settings = {
|
||||||
# env = [
|
env = [
|
||||||
# "EWW_BAR_MON,1"
|
"EWW_BAR_MON,1"
|
||||||
# ];
|
];
|
||||||
# # See https://wiki.hyprland.org/Configuring/Keywords/ for more
|
# See https://wiki.hyprland.org/Configuring/Keywords/ for more
|
||||||
# monitor = [
|
monitor = [
|
||||||
# # "DP-2,3840x2160@60,-2160x0,1,transform,3"
|
# "DP-2,3840x2160@60,-2160x0,1,transform,3"
|
||||||
# "DP-3,3840x2160@120,${toString (builtins.ceil (2160 / 1.5))}x0,1"
|
"DP-3,3840x2160@120,${toString (builtins.ceil (2160 / 1.5))}x0,1"
|
||||||
# # HDR breaks screenshare? "DP-3,3840x2160@120,${toString (builtins.ceil (2160 / 1.5))}x0,1,bitdepth,10"
|
# TODO: HDR breaks screenshare?
|
||||||
# # "desc:LG Display 0x0521,3840x2160@120,0x0,1"
|
/*
|
||||||
# # "desc:Dell Inc. DELL U2720Q D3TM623,3840x2160@60,3840x0,1.5,transform,1"
|
"DP-3,3840x2160@120,${toString (builtins.ceil (2160 / 1.5))}x0,1,bitdepth,10"
|
||||||
# "DP-2,3840x2160@60,0x0,1.5,transform,1"
|
"desc:LG Display 0x0521,3840x2160@120,0x0,1"
|
||||||
# ];
|
"desc:Dell Inc. DELL U2720Q D3TM623,3840x2160@60,3840x0,1.5,transform,1"
|
||||||
# input = {
|
*/
|
||||||
# force_no_accel = true;
|
"DP-2,3840x2160@60,0x0,1.5,transform,1"
|
||||||
# sensitivity = 1; # -1.0 - 1.0, 0 means no modification.
|
];
|
||||||
# };
|
input = {
|
||||||
# };
|
force_no_accel = true;
|
||||||
# };
|
sensitivity = 1; # -1.0 - 1.0, 0 means no modification.
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
# wayland.windowManager.sway = {
|
wayland.windowManager.sway = {
|
||||||
# config = {
|
config = {
|
||||||
# output = {
|
output = {
|
||||||
# "GIGA-BYTE TECHNOLOGY CO., LTD. AORUS FO48U 23070B000307" = {
|
"GIGA-BYTE TECHNOLOGY CO., LTD. AORUS FO48U 23070B000307" = {
|
||||||
# mode = "3840x2160@120Hz";
|
mode = "3840x2160@120Hz";
|
||||||
# position = "${toString (builtins.ceil (2160 / 1.5))},0";
|
position = "${toString (builtins.ceil (2160 / 1.5))},0";
|
||||||
# };
|
};
|
||||||
|
|
||||||
# "Dell Inc. DELL U2720Q D3TM623" = {
|
"Dell Inc. DELL U2720Q D3TM623" = {
|
||||||
# # desktop left vertical monitor
|
# desktop left vertical monitor
|
||||||
# mode = "3840x2160@60Hz";
|
mode = "3840x2160@60Hz";
|
||||||
# transform = "90";
|
transform = "270";
|
||||||
# scale = "1.5";
|
scale = "1.5";
|
||||||
# position = "0,0";
|
position = "0,0";
|
||||||
# };
|
};
|
||||||
# };
|
};
|
||||||
|
|
||||||
# workspaceOutputAssign =
|
workspaceOutputAssign =
|
||||||
# (
|
(
|
||||||
# map
|
map
|
||||||
# (ws: {
|
(ws: {
|
||||||
# output = "GIGA-BYTE TECHNOLOGY CO., LTD. AORUS FO48U 23070B000307";
|
output = "GIGA-BYTE TECHNOLOGY CO., LTD. AORUS FO48U 23070B000307";
|
||||||
# workspace = toString ws;
|
workspace = toString ws;
|
||||||
# })
|
})
|
||||||
# (lib.range 1 7)
|
(lib.range 1 7)
|
||||||
# )
|
)
|
||||||
# ++ (
|
++ (
|
||||||
# map
|
map
|
||||||
# (ws: {
|
(ws: {
|
||||||
# output = "Dell Inc. DELL U2720Q D3TM623";
|
output = "Dell Inc. DELL U2720Q D3TM623";
|
||||||
# workspace = toString ws;
|
workspace = toString ws;
|
||||||
# })
|
})
|
||||||
# (lib.range 8 9)
|
(lib.range 8 9)
|
||||||
# );
|
);
|
||||||
# };
|
};
|
||||||
# };
|
};
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
58
nixos/factorio-versions.json
Normal file
58
nixos/factorio-versions.json
Normal file
|
@ -0,0 +1,58 @@
|
||||||
|
{
|
||||||
|
"x86_64-linux": {
|
||||||
|
"alpha": {
|
||||||
|
"experimental": {
|
||||||
|
"name": "factorio_alpha_x64-1.1.110.tar.xz",
|
||||||
|
"needsAuth": true,
|
||||||
|
"sha256": "0ndhb94lh47n09a7wshm2inv52fd6rjfa7fk7nk9b7zzh84i7f4x",
|
||||||
|
"tarDirectory": "x64",
|
||||||
|
"url": "https://factorio.com/get-download/1.1.110/alpha/linux64",
|
||||||
|
"version": "1.1.110"
|
||||||
|
},
|
||||||
|
"stable": {
|
||||||
|
"name": "factorio_alpha_x64-1.1.110.tar.xz",
|
||||||
|
"needsAuth": true,
|
||||||
|
"sha256": "0ndhb94lh47n09a7wshm2inv52fd6rjfa7fk7nk9b7zzh84i7f4x",
|
||||||
|
"tarDirectory": "x64",
|
||||||
|
"url": "https://factorio.com/get-download/1.1.110/alpha/linux64",
|
||||||
|
"version": "1.1.110"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"demo": {
|
||||||
|
"experimental": {
|
||||||
|
"name": "factorio_demo_x64-1.1.110.tar.xz",
|
||||||
|
"needsAuth": false,
|
||||||
|
"sha256": "0dasxgrybl00vrabgrlarsvg0hdg5rvn3y4hsljhqc4zpbf93nxx",
|
||||||
|
"tarDirectory": "x64",
|
||||||
|
"url": "https://factorio.com/get-download/1.1.110/demo/linux64",
|
||||||
|
"version": "1.1.110"
|
||||||
|
},
|
||||||
|
"stable": {
|
||||||
|
"name": "factorio_demo_x64-1.1.110.tar.xz",
|
||||||
|
"needsAuth": false,
|
||||||
|
"sha256": "0dasxgrybl00vrabgrlarsvg0hdg5rvn3y4hsljhqc4zpbf93nxx",
|
||||||
|
"tarDirectory": "x64",
|
||||||
|
"url": "https://factorio.com/get-download/1.1.110/demo/linux64",
|
||||||
|
"version": "1.1.110"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"headless": {
|
||||||
|
"experimental": {
|
||||||
|
"name": "factorio_headless_x64-1.1.110.tar.xz",
|
||||||
|
"needsAuth": false,
|
||||||
|
"sha256": "0sk4g9y051xjhiwdhj1yz808308zwsbpq3nps1ywvpp56vdycps8",
|
||||||
|
"tarDirectory": "x64",
|
||||||
|
"url": "https://factorio.com/get-download/1.1.110/headless/linux64",
|
||||||
|
"version": "1.1.110"
|
||||||
|
},
|
||||||
|
"stable": {
|
||||||
|
"name": "factorio_headless_x64-1.1.110.tar.xz",
|
||||||
|
"needsAuth": false,
|
||||||
|
"sha256": "0sk4g9y051xjhiwdhj1yz808308zwsbpq3nps1ywvpp56vdycps8",
|
||||||
|
"tarDirectory": "x64",
|
||||||
|
"url": "https://factorio.com/get-download/1.1.110/headless/linux64",
|
||||||
|
"version": "1.1.110"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
|
@ -1,4 +1,244 @@
|
||||||
{pkgs, ...}: {
|
{pkgs, ...}:
|
||||||
|
/*
|
||||||
|
## source: https://community.frame.work/t/speakers-sound-quality/1078/82
|
||||||
|
let
|
||||||
|
pipewire-speakers-profile-json = ''{
|
||||||
|
"output": {
|
||||||
|
"blocklist": [],
|
||||||
|
"equalizer": {
|
||||||
|
"balance": 0.0,
|
||||||
|
"bypass": false,
|
||||||
|
"input-gain": 0.0,
|
||||||
|
"left": {
|
||||||
|
"band0": {
|
||||||
|
"frequency": 100.0,
|
||||||
|
"gain": 0.0,
|
||||||
|
"mode": "RLC (BT)",
|
||||||
|
"mute": false,
|
||||||
|
"q": 1.0,
|
||||||
|
"slope": "x4",
|
||||||
|
"solo": false,
|
||||||
|
"type": "Hi-pass"
|
||||||
|
},
|
||||||
|
"band1": {
|
||||||
|
"frequency": 150.0,
|
||||||
|
"gain": 4.02,
|
||||||
|
"mode": "RLC (BT)",
|
||||||
|
"mute": false,
|
||||||
|
"q": 3.0,
|
||||||
|
"slope": "x1",
|
||||||
|
"solo": false,
|
||||||
|
"type": "Bell"
|
||||||
|
},
|
||||||
|
"band2": {
|
||||||
|
"frequency": 600.0,
|
||||||
|
"gain": -5.07,
|
||||||
|
"mode": "RLC (BT)",
|
||||||
|
"mute": false,
|
||||||
|
"q": 4.000000000000008,
|
||||||
|
"slope": "x1",
|
||||||
|
"solo": false,
|
||||||
|
"type": "Bell"
|
||||||
|
},
|
||||||
|
"band3": {
|
||||||
|
"frequency": 1200.0,
|
||||||
|
"gain": -3.49,
|
||||||
|
"mode": "RLC (BT)",
|
||||||
|
"mute": false,
|
||||||
|
"q": 4.17,
|
||||||
|
"slope": "x1",
|
||||||
|
"solo": false,
|
||||||
|
"type": "Bell"
|
||||||
|
},
|
||||||
|
"band4": {
|
||||||
|
"frequency": 2000.0,
|
||||||
|
"gain": 1.43,
|
||||||
|
"mode": "RLC (BT)",
|
||||||
|
"mute": false,
|
||||||
|
"q": 4.0,
|
||||||
|
"slope": "x1",
|
||||||
|
"solo": false,
|
||||||
|
"type": "Bell"
|
||||||
|
},
|
||||||
|
"band5": {
|
||||||
|
"frequency": 5300.0,
|
||||||
|
"gain": 3.84,
|
||||||
|
"mode": "RLC (BT)",
|
||||||
|
"mute": false,
|
||||||
|
"q": 2.64,
|
||||||
|
"slope": "x1",
|
||||||
|
"solo": false,
|
||||||
|
"type": "Bell"
|
||||||
|
},
|
||||||
|
"band6": {
|
||||||
|
"frequency": 6000.0,
|
||||||
|
"gain": 4.02,
|
||||||
|
"mode": "RLC (BT)",
|
||||||
|
"mute": false,
|
||||||
|
"q": 4.36,
|
||||||
|
"slope": "x1",
|
||||||
|
"solo": false,
|
||||||
|
"type": "Hi-shelf"
|
||||||
|
},
|
||||||
|
"band7": {
|
||||||
|
"frequency": 7500.0,
|
||||||
|
"gain": -2.09,
|
||||||
|
"mode": "RLC (BT)",
|
||||||
|
"mute": false,
|
||||||
|
"q": 3.0,
|
||||||
|
"slope": "x1",
|
||||||
|
"solo": false,
|
||||||
|
"type": "Bell"
|
||||||
|
},
|
||||||
|
"band8": {
|
||||||
|
"frequency": 8000.0,
|
||||||
|
"gain": 2.01,
|
||||||
|
"mode": "RLC (BT)",
|
||||||
|
"mute": false,
|
||||||
|
"q": 4.36,
|
||||||
|
"slope": "x1",
|
||||||
|
"solo": false,
|
||||||
|
"type": "Bell"
|
||||||
|
},
|
||||||
|
"band9": {
|
||||||
|
"frequency": 900.0,
|
||||||
|
"gain": -4.12,
|
||||||
|
"mode": "RLC (BT)",
|
||||||
|
"mute": false,
|
||||||
|
"q": 5.909999999999967,
|
||||||
|
"slope": "x1",
|
||||||
|
"solo": false,
|
||||||
|
"type": "Bell"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"mode": "IIR",
|
||||||
|
"num-bands": 10,
|
||||||
|
"output-gain": -1.5,
|
||||||
|
"pitch-left": 0.0,
|
||||||
|
"pitch-right": 0.0,
|
||||||
|
"right": {
|
||||||
|
"band0": {
|
||||||
|
"frequency": 100.0,
|
||||||
|
"gain": 0.0,
|
||||||
|
"mode": "RLC (BT)",
|
||||||
|
"mute": false,
|
||||||
|
"q": 1.0,
|
||||||
|
"slope": "x4",
|
||||||
|
"solo": false,
|
||||||
|
"type": "Hi-pass"
|
||||||
|
},
|
||||||
|
"band1": {
|
||||||
|
"frequency": 150.0,
|
||||||
|
"gain": 4.02,
|
||||||
|
"mode": "RLC (BT)",
|
||||||
|
"mute": false,
|
||||||
|
"q": 3.0,
|
||||||
|
"slope": "x1",
|
||||||
|
"solo": false,
|
||||||
|
"type": "Bell"
|
||||||
|
},
|
||||||
|
"band2": {
|
||||||
|
"frequency": 600.0,
|
||||||
|
"gain": -5.07,
|
||||||
|
"mode": "RLC (BT)",
|
||||||
|
"mute": false,
|
||||||
|
"q": 4.000000000000008,
|
||||||
|
"slope": "x1",
|
||||||
|
"solo": false,
|
||||||
|
"type": "Bell"
|
||||||
|
},
|
||||||
|
"band3": {
|
||||||
|
"frequency": 1200.0,
|
||||||
|
"gain": -3.49,
|
||||||
|
"mode": "RLC (BT)",
|
||||||
|
"mute": false,
|
||||||
|
"q": 4.17,
|
||||||
|
"slope": "x1",
|
||||||
|
"solo": false,
|
||||||
|
"type": "Bell"
|
||||||
|
},
|
||||||
|
"band4": {
|
||||||
|
"frequency": 2000.0,
|
||||||
|
"gain": 1.43,
|
||||||
|
"mode": "RLC (BT)",
|
||||||
|
"mute": false,
|
||||||
|
"q": 4.0,
|
||||||
|
"slope": "x1",
|
||||||
|
"solo": false,
|
||||||
|
"type": "Bell"
|
||||||
|
},
|
||||||
|
"band5": {
|
||||||
|
"frequency": 5300.0,
|
||||||
|
"gain": 3.84,
|
||||||
|
"mode": "RLC (BT)",
|
||||||
|
"mute": false,
|
||||||
|
"q": 2.64,
|
||||||
|
"slope": "x1",
|
||||||
|
"solo": false,
|
||||||
|
"type": "Bell"
|
||||||
|
},
|
||||||
|
"band6": {
|
||||||
|
"frequency": 6000.0,
|
||||||
|
"gain": 4.02,
|
||||||
|
"mode": "RLC (BT)",
|
||||||
|
"mute": false,
|
||||||
|
"q": 4.36,
|
||||||
|
"slope": "x1",
|
||||||
|
"solo": false,
|
||||||
|
"type": "Hi-shelf"
|
||||||
|
},
|
||||||
|
"band7": {
|
||||||
|
"frequency": 7500.0,
|
||||||
|
"gain": -2.09,
|
||||||
|
"mode": "RLC (BT)",
|
||||||
|
"mute": false,
|
||||||
|
"q": 3.0,
|
||||||
|
"slope": "x1",
|
||||||
|
"solo": false,
|
||||||
|
"type": "Bell"
|
||||||
|
},
|
||||||
|
"band8": {
|
||||||
|
"frequency": 8000.0,
|
||||||
|
"gain": 2.01,
|
||||||
|
"mode": "RLC (BT)",
|
||||||
|
"mute": false,
|
||||||
|
"q": 4.36,
|
||||||
|
"slope": "x1",
|
||||||
|
"solo": false,
|
||||||
|
"type": "Bell"
|
||||||
|
},
|
||||||
|
"band9": {
|
||||||
|
"frequency": 900.0,
|
||||||
|
"gain": -4.12,
|
||||||
|
"mode": "RLC (BT)",
|
||||||
|
"mute": false,
|
||||||
|
"q": 5.909999999999967,
|
||||||
|
"slope": "x1",
|
||||||
|
"solo": false,
|
||||||
|
"type": "Bell"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"split-channels": false
|
||||||
|
},
|
||||||
|
"loudness": {
|
||||||
|
"bypass": false,
|
||||||
|
"clipping": false,
|
||||||
|
"clipping-range": 6.0,
|
||||||
|
"fft": "4096",
|
||||||
|
"input-gain": 0.0,
|
||||||
|
"output-gain": 0.0,
|
||||||
|
"std": "ISO226-2003",
|
||||||
|
"volume": 6.999999999999991
|
||||||
|
},
|
||||||
|
"plugins_order": [
|
||||||
|
"loudness",
|
||||||
|
"equalizer"
|
||||||
|
]
|
||||||
|
}
|
||||||
|
}'';
|
||||||
|
in
|
||||||
|
*/
|
||||||
|
{
|
||||||
imports = [
|
imports = [
|
||||||
{
|
{
|
||||||
system.stateVersion = "24.05";
|
system.stateVersion = "24.05";
|
||||||
|
@ -6,32 +246,21 @@
|
||||||
networking.hostName = "foxtrot";
|
networking.hostName = "foxtrot";
|
||||||
}
|
}
|
||||||
{
|
{
|
||||||
# laptop power management
|
|
||||||
services.upower.enable = true;
|
|
||||||
swapDevices = [
|
swapDevices = [
|
||||||
# TODO: move this to disko?
|
# TODO: move this to disko?
|
||||||
# NOTE(oninstall):
|
# NOTE(oninstall):
|
||||||
# sudo btrfs subvolume create /swap
|
/*
|
||||||
# sudo btrfs filesystem mkswapfile --size 32g --uuid clear /swap/swapfile
|
sudo btrfs subvolume create /swap
|
||||||
# sudo swapon /swap/swapfile
|
sudo btrfs filesystem mkswapfile --size 32g --uuid clear /swap/swapfile
|
||||||
|
sudo swapon /swap/swapfile
|
||||||
|
*/
|
||||||
{device = "/swap/swapfile";}
|
{device = "/swap/swapfile";}
|
||||||
];
|
];
|
||||||
# findmnt -no UUID -T /swap/swapfile
|
# findmnt -no UUID -T /swap/swapfile
|
||||||
boot.resumeDevice = "/dev/disk/by-uuid/81c3354a-f629-4b6b-a249-7705aeb9f0d5";
|
boot.resumeDevice = "/dev/disk/by-uuid/81c3354a-f629-4b6b-a249-7705aeb9f0d5";
|
||||||
systemd.sleep.extraConfig = "HibernateDelaySec=30m";
|
systemd.sleep.extraConfig = "HibernateDelaySec=11m";
|
||||||
services.fwupd.enable = true;
|
services.fwupd.enable = true;
|
||||||
services.fwupd.extraRemotes = ["lvfs-testing"];
|
services.fwupd.extraRemotes = ["lvfs-testing"];
|
||||||
|
|
||||||
# NOTE: I'm letting plasma settings handle this I guess?
|
|
||||||
# services.logind = {
|
|
||||||
# lidSwitch = "suspend-then-hibernate";
|
|
||||||
# # HandleLidSwitchDocked=ignore
|
|
||||||
# extraConfig = ''
|
|
||||||
# HandlePowerKey=suspend-then-hibernate
|
|
||||||
# IdleActionSec=10m
|
|
||||||
# IdleAction=suspend-then-hibernate
|
|
||||||
# '';
|
|
||||||
# };
|
|
||||||
}
|
}
|
||||||
];
|
];
|
||||||
|
|
||||||
|
@ -56,37 +285,52 @@
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
# wayland.windowManager.hyprland = {
|
/*
|
||||||
# settings = {
|
wayland.windowManager.hyprland = {
|
||||||
# env = [
|
settings = {
|
||||||
# "EWW_BAR_MON,0"
|
env = [
|
||||||
# ];
|
"EWW_BAR_MON,0"
|
||||||
# # See https://wiki.hyprland.org/Configuring/Keywords/ for more
|
];
|
||||||
# monitor = [
|
# See https://wiki.hyprland.org/Configuring/Keywords/ for more
|
||||||
# "eDP-1,2256x1504@60,0x0,${toString scale}"
|
monitor = [
|
||||||
# ];
|
"eDP-1,2256x1504@60,0x0,${toString scale}"
|
||||||
# };
|
];
|
||||||
# };
|
};
|
||||||
|
};
|
||||||
|
*/
|
||||||
|
|
||||||
# wayland.windowManager.sway = {
|
wayland.windowManager.sway = {
|
||||||
# config = {
|
config = {
|
||||||
# output = {
|
output = {
|
||||||
# "BOE 0x0BCA Unknown" = {
|
"BOE NE135A1M-NY1 Unknown" = {
|
||||||
# mode = "2256x1504@60Hz";
|
mode = "2880x1920@120Hz";
|
||||||
# position = "0,0";
|
position = "1092,2160";
|
||||||
# scale = toString scale;
|
scale = toString 1.75;
|
||||||
# };
|
};
|
||||||
|
|
||||||
# "Dell Inc. DELL U2720Q D3TM623" = {
|
"Dell Inc. DELL U2720Q CWTM623" = {
|
||||||
# # desktop left vertical monitor
|
mode = "3840x2160@60Hz";
|
||||||
# mode = "1920x1080@60Hz";
|
position = "0,0";
|
||||||
# # transform = "90";
|
};
|
||||||
# # scale = "1.5";
|
|
||||||
# position = "${toString (builtins.floor (2256 / scale))},0";
|
/*
|
||||||
# };
|
"BOE 0x0BCA Unknown" = {
|
||||||
# };
|
mode = "2256x1504@60Hz";
|
||||||
# };
|
position = "0,0";
|
||||||
# };
|
scale = toString scale;
|
||||||
|
};
|
||||||
|
|
||||||
|
"Dell Inc. DELL U2720Q D3TM623" = {
|
||||||
|
# desktop left vertical monitor
|
||||||
|
mode = "1920x1080@60Hz";
|
||||||
|
# transform = "90";
|
||||||
|
# scale = "1.5";
|
||||||
|
position = "${toString (builtins.floor (2256 / scale))},0";
|
||||||
|
};
|
||||||
|
*/
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
hardware.graphics.extraPackages = [
|
hardware.graphics.extraPackages = [
|
||||||
|
@ -99,7 +343,6 @@
|
||||||
];
|
];
|
||||||
|
|
||||||
networking.networkmanager.wifi.powersave = false;
|
networking.networkmanager.wifi.powersave = false;
|
||||||
hardware.wirelessRegulatoryDatabase = true;
|
|
||||||
|
|
||||||
hardware.framework.amd-7040.preventWakeOnAC = true;
|
hardware.framework.amd-7040.preventWakeOnAC = true;
|
||||||
|
|
||||||
|
@ -107,15 +350,17 @@
|
||||||
kernelPackages = pkgs.linuxPackages_latest;
|
kernelPackages = pkgs.linuxPackages_latest;
|
||||||
|
|
||||||
# https://github.com/void-linux/void-packages/issues/50417#issuecomment-2131802836 fix framework 13 not shutting down
|
# https://github.com/void-linux/void-packages/issues/50417#issuecomment-2131802836 fix framework 13 not shutting down
|
||||||
# kernelPatches = [
|
/*
|
||||||
# {
|
kernelPatches = [
|
||||||
# name = "framework13shutdownfix";
|
{
|
||||||
# patch = builtins.fetchurl {
|
name = "framework13shutdownfix";
|
||||||
# url = "https://github.com/void-linux/void-packages/files/15445612/0001-Add-hopefully-a-solution-for-shutdown-regression.PATCH";
|
patch = builtins.fetchurl {
|
||||||
# sha256 = "sha256:10zcnzy5hkam2cnxx441b978gzhvnqlcc49k7bpz9dc28xyjik50";
|
url = "https://github.com/void-linux/void-packages/files/15445612/0001-Add-hopefully-a-solution-for-shutdown-regression.PATCH";
|
||||||
# };
|
sha256 = "sha256:10zcnzy5hkam2cnxx441b978gzhvnqlcc49k7bpz9dc28xyjik50";
|
||||||
# }
|
};
|
||||||
# ];
|
}
|
||||||
|
];
|
||||||
|
*/
|
||||||
|
|
||||||
loader = {
|
loader = {
|
||||||
efi.canTouchEfiVariables = true;
|
efi.canTouchEfiVariables = true;
|
||||||
|
@ -123,11 +368,12 @@
|
||||||
};
|
};
|
||||||
|
|
||||||
# NOTE(oninstall):
|
# NOTE(oninstall):
|
||||||
# sudo filefrag -v /swap/swapfile | awk '$1=="0:" {print substr($4, 1, length($4)-2)}'
|
/*
|
||||||
# the above won't work for btrfs, instead you need
|
sudo filefrag -v /swap/swapfile | awk '$1=="0:" {print substr($4, 1, length($4)-2)}'
|
||||||
# btrfs inspect-internal map-swapfile -r /swap/swapfile
|
the above won't work for btrfs, instead you need btrfs inspect-internal map-swapfile -r /swap/swapfile
|
||||||
# https://wiki.archlinux.org/title/Power_management/Suspend_and_hibernate#Hibernation_into_swap_file
|
https://wiki.archlinux.org/title/Power_management/Suspend_and_hibernate#Hibernation_into_swap_file
|
||||||
# many of these come from https://wiki.archlinux.org/title/Framework_Laptop_13#Suspend
|
many of these come from https://wiki.archlinux.org/title/Framework_Laptop_13#Suspend
|
||||||
|
*/
|
||||||
kernelParams = [
|
kernelParams = [
|
||||||
"rtc_cmos.use_acpi_alarm=1"
|
"rtc_cmos.use_acpi_alarm=1"
|
||||||
"amdgpu.sg_display=0"
|
"amdgpu.sg_display=0"
|
||||||
|
@ -140,9 +386,6 @@
|
||||||
];
|
];
|
||||||
initrd.availableKernelModules = ["xhci_pci" "nvme" "thunderbolt"];
|
initrd.availableKernelModules = ["xhci_pci" "nvme" "thunderbolt"];
|
||||||
kernelModules = ["kvm-amd"];
|
kernelModules = ["kvm-amd"];
|
||||||
extraModprobeConfig = ''
|
|
||||||
options cfg80211 ieee80211_regdom="US"
|
|
||||||
'';
|
|
||||||
};
|
};
|
||||||
hardware.bluetooth = {
|
hardware.bluetooth = {
|
||||||
enable = true;
|
enable = true;
|
||||||
|
@ -151,17 +394,19 @@
|
||||||
powerOnBoot = false;
|
powerOnBoot = false;
|
||||||
};
|
};
|
||||||
powerManagement.cpuFreqGovernor = "ondemand";
|
powerManagement.cpuFreqGovernor = "ondemand";
|
||||||
# powerManagement.resumeCommands = ''
|
/*
|
||||||
# modprobe -rv mt7921e
|
powerManagement.resumeCommands = ''
|
||||||
# modprobe -v mt7921e
|
modprobe -rv mt7921e
|
||||||
# '';
|
modprobe -v mt7921e
|
||||||
|
'';
|
||||||
|
*/
|
||||||
|
|
||||||
services.power-profiles-daemon = {
|
services.power-profiles-daemon = {
|
||||||
enable = true;
|
enable = true;
|
||||||
};
|
};
|
||||||
|
|
||||||
services.fprintd = {
|
services.fprintd = {
|
||||||
enable = true;
|
enable = false;
|
||||||
package = pkgs.fprintd.overrideAttrs {
|
package = pkgs.fprintd.overrideAttrs {
|
||||||
# Source: https://github.com/NixOS/nixpkgs/commit/87ca2dc071581aea0e691c730d6844f1beb07c9f
|
# Source: https://github.com/NixOS/nixpkgs/commit/87ca2dc071581aea0e691c730d6844f1beb07c9f
|
||||||
mesonCheckFlags = [
|
mesonCheckFlags = [
|
||||||
|
@ -170,24 +415,24 @@
|
||||||
"fprintd:TestPamFprintd"
|
"fprintd:TestPamFprintd"
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
# tod.enable = true;
|
|
||||||
# tod.driver = pkgs.libfprint-2-tod1-goodix;
|
|
||||||
};
|
};
|
||||||
|
|
||||||
# services.tlp = {
|
/*
|
||||||
# enable = true;
|
services.tlp = {
|
||||||
# settings = {
|
enable = true;
|
||||||
# CPU_ENERGY_PERF_POLICY_ON_BAT = "power";
|
settings = {
|
||||||
# CPU_SCALING_GOVERNOR_ON_BAT = "ondemand";
|
CPU_ENERGY_PERF_POLICY_ON_BAT = "power";
|
||||||
# CPU_MIN_PERF_ON_BAT = 0;
|
CPU_SCALING_GOVERNOR_ON_BAT = "ondemand";
|
||||||
# CPU_MAX_PERF_ON_BAT = 80;
|
CPU_MIN_PERF_ON_BAT = 0;
|
||||||
|
CPU_MAX_PERF_ON_BAT = 80;
|
||||||
|
|
||||||
# CPU_SCALING_GOVERNOR_ON_AC = "performance";
|
CPU_SCALING_GOVERNOR_ON_AC = "performance";
|
||||||
# CPU_ENERGY_PERF_POLICY_ON_AC = "performance";
|
CPU_ENERGY_PERF_POLICY_ON_AC = "performance";
|
||||||
# CPU_MIN_PERF_ON_AC = 0;
|
CPU_MIN_PERF_ON_AC = 0;
|
||||||
# CPU_MAX_PERF_ON_AC = 100;
|
CPU_MAX_PERF_ON_AC = 100;
|
||||||
# };
|
};
|
||||||
# };
|
};
|
||||||
|
*/
|
||||||
|
|
||||||
networking.firewall.allowedTCPPorts = let
|
networking.firewall.allowedTCPPorts = let
|
||||||
stardewValley = 24642;
|
stardewValley = 24642;
|
||||||
|
|
|
@ -58,15 +58,19 @@
|
||||||
hardware.raspberry-pi."4".audio.enable = true;
|
hardware.raspberry-pi."4".audio.enable = true;
|
||||||
|
|
||||||
nixpkgs.overlays = [
|
nixpkgs.overlays = [
|
||||||
# nixos-22.05
|
/*
|
||||||
# (self: super: { libcec = super.libcec.override { inherit (self) libraspberrypi; }; })
|
nixos-22.05
|
||||||
# nixos-22.11
|
(self: super: { libcec = super.libcec.override { inherit (self) libraspberrypi; }; })
|
||||||
# (self: super: {libcec = super.libcec.override {withLibraspberrypi = true;};})
|
nixos-22.11
|
||||||
|
(self: super: {libcec = super.libcec.override {withLibraspberrypi = true;};})
|
||||||
|
*/
|
||||||
];
|
];
|
||||||
|
|
||||||
# Workaround for GNOME autologin: https://github.com/NixOS/nixpkgs/issues/103746#issuecomment-945091229
|
# Workaround for GNOME autologin: https://github.com/NixOS/nixpkgs/issues/103746#issuecomment-945091229
|
||||||
# systemd.services."getty@tty1".enable = false;
|
/*
|
||||||
# systemd.services."autovt@tty1".enable = false;
|
systemd.services."getty@tty1".enable = false;
|
||||||
|
systemd.services."autovt@tty1".enable = false;
|
||||||
|
*/
|
||||||
|
|
||||||
# hardware
|
# hardware
|
||||||
systemd.targets.sleep.enable = false;
|
systemd.targets.sleep.enable = false;
|
||||||
|
@ -99,38 +103,40 @@
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
# services.udev.extraRules = ''
|
/*
|
||||||
# # allow access to raspi cec device for video group (and optionally register it as a systemd device, used below)
|
services.udev.extraRules = ''
|
||||||
# SUBSYSTEM=="vchiq", GROUP="video", MODE="0660", TAG+="systemd", ENV{SYSTEMD_ALIAS}="/dev/vchiq"
|
# allow access to raspi cec device for video group (and optionally register it as a systemd device, used below)
|
||||||
# '';
|
SUBSYSTEM=="vchiq", GROUP="video", MODE="0660", TAG+="systemd", ENV{SYSTEMD_ALIAS}="/dev/vchiq"
|
||||||
|
'';
|
||||||
|
|
||||||
# powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
|
powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
|
||||||
|
|
||||||
# optional: attach a persisted cec-client to `/run/cec.fifo`, to avoid the CEC ~1s startup delay per command
|
optional: attach a persisted cec-client to `/run/cec.fifo`, to avoid the CEC ~1s startup delay per command
|
||||||
# scan for devices: `echo 'scan' > /run/cec.fifo ; journalctl -u cec-client.service`
|
scan for devices: `echo 'scan' > /run/cec.fifo ; journalctl -u cec-client.service`
|
||||||
# set pi as active source: `echo 'as' > /run/cec.fifo`
|
set pi as active source: `echo 'as' > /run/cec.fifo`
|
||||||
# systemd.sockets."cec-client" = {
|
systemd.sockets."cec-client" = {
|
||||||
# after = ["dev-vchiq.device"];
|
after = ["dev-vchiq.device"];
|
||||||
# bindsTo = ["dev-vchiq.device"];
|
bindsTo = ["dev-vchiq.device"];
|
||||||
# wantedBy = ["sockets.target"];
|
wantedBy = ["sockets.target"];
|
||||||
# socketConfig = {
|
socketConfig = {
|
||||||
# ListenFIFO = "/run/cec.fifo";
|
ListenFIFO = "/run/cec.fifo";
|
||||||
# SocketGroup = "video";
|
SocketGroup = "video";
|
||||||
# SocketMode = "0660";
|
SocketMode = "0660";
|
||||||
# };
|
};
|
||||||
# };
|
};
|
||||||
# systemd.services."cec-client" = {
|
systemd.services."cec-client" = {
|
||||||
# after = ["dev-vchiq.device"];
|
after = ["dev-vchiq.device"];
|
||||||
# bindsTo = ["dev-vchiq.device"];
|
bindsTo = ["dev-vchiq.device"];
|
||||||
# wantedBy = ["multi-user.target"];
|
wantedBy = ["multi-user.target"];
|
||||||
# serviceConfig = {
|
serviceConfig = {
|
||||||
# ExecStart = ''${pkgs.libcec}/bin/cec-client -d 1'';
|
ExecStart = ''${pkgs.libcec}/bin/cec-client -d 1'';
|
||||||
# ExecStop = ''/bin/sh -c "echo q > /run/cec.fifo"'';
|
ExecStop = ''/bin/sh -c "echo q > /run/cec.fifo"'';
|
||||||
# StandardInput = "socket";
|
StandardInput = "socket";
|
||||||
# StandardOutput = "journal";
|
StandardOutput = "journal";
|
||||||
# Restart = "no";
|
Restart = "no";
|
||||||
# };
|
};
|
||||||
# };
|
};
|
||||||
|
*/
|
||||||
|
|
||||||
hardware.graphics.driSupport32Bit = lib.mkForce false;
|
hardware.graphics.driSupport32Bit = lib.mkForce false;
|
||||||
|
|
||||||
|
|
|
@ -25,11 +25,14 @@
|
||||||
device = "/dev/sda";
|
device = "/dev/sda";
|
||||||
};
|
};
|
||||||
|
|
||||||
|
users.groups.beefcake = {};
|
||||||
users.users = {
|
users.users = {
|
||||||
beefcake = {
|
beefcake = {
|
||||||
# used for restic backups
|
isSystemUser = true;
|
||||||
# TODO: can this be a system user?
|
createHome = true;
|
||||||
isNormalUser = true;
|
home = "/storage/backups/beefcake";
|
||||||
|
group = "beefcake";
|
||||||
|
extraGroups = ["sftponly"];
|
||||||
openssh.authorizedKeys.keys =
|
openssh.authorizedKeys.keys =
|
||||||
config.users.users.daniel.openssh.authorizedKeys.keys
|
config.users.users.daniel.openssh.authorizedKeys.keys
|
||||||
++ [
|
++ [
|
||||||
|
@ -52,6 +55,13 @@
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
|
services.openssh.extraConfig = ''
|
||||||
|
Match Group sftponly
|
||||||
|
ChrootDirectory /storage/backups/%u
|
||||||
|
ForceCommand internal-sftp
|
||||||
|
AllowTcpForwarding no
|
||||||
|
'';
|
||||||
|
|
||||||
networking = {
|
networking = {
|
||||||
hostName = "rascal";
|
hostName = "rascal";
|
||||||
networkmanager.enable = true;
|
networkmanager.enable = true;
|
||||||
|
|
649
nixos/router.nix
649
nixos/router.nix
|
@ -1,17 +1,19 @@
|
||||||
{
|
{
|
||||||
|
config,
|
||||||
lib,
|
lib,
|
||||||
# outputs,
|
# outputs,
|
||||||
# config,
|
|
||||||
pkgs,
|
pkgs,
|
||||||
...
|
...
|
||||||
}: let
|
}: let
|
||||||
# NOTE: My goal is to be able to apply most of the common tweaks to the router
|
/*
|
||||||
# either live on the system for ad-hoc changes (such as forwarding a port for a
|
NOTE: My goal is to be able to apply most of the common tweaks to the router
|
||||||
# multiplayer game) or to tweak these values just below without reaching deeper
|
either live on the system for ad-hoc changes (such as forwarding a port for a
|
||||||
# into the modules' implementation of these configuration values
|
multiplayer game) or to tweak these values just below without reaching deeper
|
||||||
# NOTE: I could turn this into a cool NixOS module?
|
into the modules' implementation of these configuration values
|
||||||
# TODO: review https://francis.begyn.be/blog/nixos-home-router
|
NOTE: I could turn this into a cool NixOS module?
|
||||||
# TODO: more recent: https://github.com/ghostbuster91/blogposts/blob/a2374f0039f8cdf4faddeaaa0347661ffc2ec7cf/router2023-part2/main.md
|
TODO: review https://francis.begyn.be/blog/nixos-home-router
|
||||||
|
TODO: more recent: https://github.com/ghostbuster91/blogposts/blob/a2374f0039f8cdf4faddeaaa0347661ffc2ec7cf/router2023-part2/main.md
|
||||||
|
*/
|
||||||
hostname = "router";
|
hostname = "router";
|
||||||
domain = "h.lyte.dev";
|
domain = "h.lyte.dev";
|
||||||
ip = "192.168.0.1";
|
ip = "192.168.0.1";
|
||||||
|
@ -49,12 +51,18 @@
|
||||||
"idm.h.lyte.dev"
|
"idm.h.lyte.dev"
|
||||||
"git.lyte.dev"
|
"git.lyte.dev"
|
||||||
"video.lyte.dev"
|
"video.lyte.dev"
|
||||||
|
"paperless.h.lyte.dev"
|
||||||
"audio.lyte.dev"
|
"audio.lyte.dev"
|
||||||
"a.lyte.dev"
|
"a.lyte.dev"
|
||||||
"bw.lyte.dev"
|
"bw.lyte.dev"
|
||||||
"files.lyte.dev"
|
"files.lyte.dev"
|
||||||
"vpn.h.lyte.dev"
|
"vpn.h.lyte.dev"
|
||||||
"atuin.h.lyte.dev"
|
"atuin.h.lyte.dev"
|
||||||
|
"grafana.h.lyte.dev"
|
||||||
|
"prometheus.h.lyte.dev"
|
||||||
|
"finances.h.lyte.dev"
|
||||||
|
"nextcloud.h.lyte.dev"
|
||||||
|
"onlyoffice.h.lyte.dev"
|
||||||
"a.lyte.dev"
|
"a.lyte.dev"
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
|
@ -96,6 +104,25 @@ in {
|
||||||
}
|
}
|
||||||
];
|
];
|
||||||
|
|
||||||
|
environment.systemPackages = with pkgs; [
|
||||||
|
iftop
|
||||||
|
];
|
||||||
|
|
||||||
|
sops = {
|
||||||
|
defaultSopsFile = ../secrets/router/secrets.yml;
|
||||||
|
age = {
|
||||||
|
sshKeyPaths = ["/etc/ssh/ssh_host_ed25519_key"];
|
||||||
|
keyFile = "/var/lib/sops-nix/key.txt";
|
||||||
|
generateKey = true;
|
||||||
|
};
|
||||||
|
secrets = {
|
||||||
|
netlify-ddns-password = {mode = "0400";};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
services.deno-netlify-ddns-client = {
|
||||||
|
passwordFile = config.sops.secrets.netlify-ddns-password.path;
|
||||||
|
};
|
||||||
|
|
||||||
boot.kernel.sysctl =
|
boot.kernel.sysctl =
|
||||||
sysctl-entries
|
sysctl-entries
|
||||||
// {
|
// {
|
||||||
|
@ -137,22 +164,22 @@ in {
|
||||||
checkRuleset = true;
|
checkRuleset = true;
|
||||||
ruleset = with inf; ''
|
ruleset = with inf; ''
|
||||||
table inet filter {
|
table inet filter {
|
||||||
# set LANv4 {
|
## set LANv4 {
|
||||||
# type ipv4_addr
|
## type ipv4_addr
|
||||||
# flags interval
|
## flags interval
|
||||||
# elements = { 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16, 169.254.0.0/16 }
|
## elements = { 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16, 169.254.0.0/16 }
|
||||||
# }
|
## }
|
||||||
# set LANv6 {
|
## set LANv6 {
|
||||||
# type ipv6_addr
|
## type ipv6_addr
|
||||||
# flags interval
|
## flags interval
|
||||||
# elements = { fd00::/8, fe80::/10 }
|
## elements = { fd00::/8, fe80::/10 }
|
||||||
# }
|
## }
|
||||||
# TODO: maybe tailnet?
|
## TODO: maybe tailnet?
|
||||||
|
|
||||||
# chain my_input_lan {
|
## chain my_input_lan {
|
||||||
# udp sport 1900 udp dport >= 1024 meta pkttype unicast limit rate 4/second burst 20 packets accept comment "Accept UPnP IGD port mapping reply"
|
## udp sport 1900 udp dport >= 1024 meta pkttype unicast limit rate 4/second burst 20 packets accept comment "Accept UPnP IGD port mapping reply"
|
||||||
# udp sport netbios-ns udp dport >= 1024 meta pkttype unicast accept comment "Accept Samba Workgroup browsing replies"
|
## udp sport netbios-ns udp dport >= 1024 meta pkttype unicast accept comment "Accept Samba Workgroup browsing replies"
|
||||||
# }
|
## }
|
||||||
|
|
||||||
chain input {
|
chain input {
|
||||||
type filter hook input priority 0; policy drop;
|
type filter hook input priority 0; policy drop;
|
||||||
|
@ -187,12 +214,13 @@ in {
|
||||||
udp dport { 80, 443 } accept comment "Allow QUIC to server (see nat prerouting)"
|
udp dport { 80, 443 } accept comment "Allow QUIC to server (see nat prerouting)"
|
||||||
tcp dport { 22 } accept comment "Allow SSH to server (see nat prerouting)"
|
tcp dport { 22 } accept comment "Allow SSH to server (see nat prerouting)"
|
||||||
tcp dport { 25565 } accept comment "Allow Minecraft server connections (see nat prerouting)"
|
tcp dport { 25565 } accept comment "Allow Minecraft server connections (see nat prerouting)"
|
||||||
|
udp dport { 34197 } accept comment "Allow Factorio server connections (see nat prerouting)"
|
||||||
|
|
||||||
iifname "${lan}" accept comment "Allow local network to access the router"
|
iifname "${lan}" accept comment "Allow local network to access the router"
|
||||||
iifname "tailscale0" accept comment "Allow local network to access the router"
|
iifname "tailscale0" accept comment "Allow local network to access the router"
|
||||||
|
|
||||||
# ip6 saddr @LANv6 jump my_input_lan comment "Connections from private IP address ranges"
|
## ip6 saddr @LANv6 jump my_input_lan comment "Connections from private IP address ranges"
|
||||||
# ip saddr @LANv4 jump my_input_lan comment "Connections from private IP address ranges"
|
## ip saddr @LANv4 jump my_input_lan comment "Connections from private IP address ranges"
|
||||||
|
|
||||||
iifname "${wan}" counter drop comment "Drop all other unsolicited traffic from wan"
|
iifname "${wan}" counter drop comment "Drop all other unsolicited traffic from wan"
|
||||||
}
|
}
|
||||||
|
@ -207,13 +235,13 @@ in {
|
||||||
accept
|
accept
|
||||||
}
|
}
|
||||||
|
|
||||||
# chain forward {
|
## chain forward {
|
||||||
# type filter hook forward priority filter; policy drop;
|
## type filter hook forward priority filter; policy drop;
|
||||||
|
|
||||||
# iifname { "${lan}" } oifname { "${wan}" } accept comment "Allow trusted LAN to WAN"
|
## iifname { "${lan}" } oifname { "${wan}" } accept comment "Allow trusted LAN to WAN"
|
||||||
# iifname { "tailscale0" } oifname { "${wan}" } accept comment "Allow trusted LAN to WAN"
|
## iifname { "tailscale0" } oifname { "${wan}" } accept comment "Allow trusted LAN to WAN"
|
||||||
# iifname { "${wan}" } oifname { "${lan}" } ct state { established, related } accept comment "Allow established back to LAN"
|
## iifname { "${wan}" } oifname { "${lan}" } ct state { established, related } accept comment "Allow established back to LAN"
|
||||||
# }
|
## }
|
||||||
}
|
}
|
||||||
|
|
||||||
table ip nat {
|
table ip nat {
|
||||||
|
@ -229,6 +257,7 @@ in {
|
||||||
iifname ${wan} tcp dport {26966} dnat to ${hosts.beefcake.ip}
|
iifname ${wan} tcp dport {26966} dnat to ${hosts.beefcake.ip}
|
||||||
iifname ${wan} tcp dport {25565} dnat to ${hosts.bald.ip}
|
iifname ${wan} tcp dport {25565} dnat to ${hosts.bald.ip}
|
||||||
iifname ${wan} udp dport {25565} dnat to ${hosts.bald.ip}
|
iifname ${wan} udp dport {25565} dnat to ${hosts.bald.ip}
|
||||||
|
iifname ${wan} udp dport {34197} dnat to ${hosts.beefcake.ip}
|
||||||
}
|
}
|
||||||
|
|
||||||
chain postrouting {
|
chain postrouting {
|
||||||
|
@ -240,56 +269,58 @@ in {
|
||||||
};
|
};
|
||||||
|
|
||||||
# NOTE: see flake.nix 'nnf.nixosModules.default'
|
# NOTE: see flake.nix 'nnf.nixosModules.default'
|
||||||
# nftables.firewall = let
|
/*
|
||||||
# me = config.networking.nftables.firewall.localZoneName;
|
nftables.firewall = let
|
||||||
# in {
|
me = config.networking.nftables.firewall.localZoneName;
|
||||||
# enable = true;
|
in {
|
||||||
# snippets.nnf-common.enable = true;
|
enable = true;
|
||||||
|
snippets.nnf-common.enable = true;
|
||||||
|
|
||||||
# zones = {
|
zones = {
|
||||||
# ${interfaces.wan.name} = {
|
${interfaces.wan.name} = {
|
||||||
# interfaces = [interfaces.wan.name interfaces.lan.name];
|
interfaces = [interfaces.wan.name interfaces.lan.name];
|
||||||
# };
|
};
|
||||||
# ${interfaces.lan.name} = {
|
${interfaces.lan.name} = {
|
||||||
# parent = interfaces.wan.name;
|
parent = interfaces.wan.name;
|
||||||
# ipv4Addresses = [cidr];
|
ipv4Addresses = [cidr];
|
||||||
# };
|
};
|
||||||
# # banned = {
|
## banned = {
|
||||||
# # ingressExpression = [
|
## ingressExpression = [
|
||||||
# # "ip saddr @banlist"
|
## "ip saddr @banlist"
|
||||||
# # "ip6 saddr @banlist6"
|
## "ip6 saddr @banlist6"
|
||||||
# # ];
|
## ];
|
||||||
# # egressExpression = [
|
## egressExpression = [
|
||||||
# # "ip daddr @banlist"
|
## "ip daddr @banlist"
|
||||||
# # "ip6 daddr @banlist6"
|
## "ip6 daddr @banlist6"
|
||||||
# # ];
|
## ];
|
||||||
# # };
|
## };
|
||||||
# };
|
};
|
||||||
|
|
||||||
# rules = {
|
rules = {
|
||||||
# dhcp = {
|
dhcp = {
|
||||||
# from = "all";
|
from = "all";
|
||||||
# to = [hosts.beefcake.ip];
|
to = [hosts.beefcake.ip];
|
||||||
# allowedTCPPorts = [67];
|
allowedTCPPorts = [67];
|
||||||
# allowedUDPPorts = [67];
|
allowedUDPPorts = [67];
|
||||||
# };
|
};
|
||||||
# http = {
|
http = {
|
||||||
# from = "all";
|
from = "all";
|
||||||
# to = [me];
|
to = [me];
|
||||||
# allowedTCPPorts = [80 443];
|
allowedTCPPorts = [80 443];
|
||||||
# };
|
};
|
||||||
# router-ssh = {
|
router-ssh = {
|
||||||
# from = "all";
|
from = "all";
|
||||||
# to = [me];
|
to = [me];
|
||||||
# allowedTCPPorts = [2201];
|
allowedTCPPorts = [2201];
|
||||||
# };
|
};
|
||||||
# server-ssh = {
|
server-ssh = {
|
||||||
# from = "all";
|
from = "all";
|
||||||
# to = [hosts.beefcake.ip];
|
to = [hosts.beefcake.ip];
|
||||||
# allowedTCPPorts = [22];
|
allowedTCPPorts = [22];
|
||||||
# };
|
};
|
||||||
# };
|
};
|
||||||
# };
|
};
|
||||||
|
*/
|
||||||
};
|
};
|
||||||
|
|
||||||
systemd.network = {
|
systemd.network = {
|
||||||
|
@ -337,29 +368,35 @@ in {
|
||||||
ConfigureWithoutCarrier = true;
|
ConfigureWithoutCarrier = true;
|
||||||
# IPv6AcceptRA = false;
|
# IPv6AcceptRA = false;
|
||||||
IPv6SendRA = true;
|
IPv6SendRA = true;
|
||||||
DHCPv6PrefixDelegation = true;
|
DHCPPrefixDelegation = true;
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
# WAN configuration requires DHCP to get addresses
|
/*
|
||||||
# we also disable some options to be certain we retain as much networking
|
WAN configuration requires DHCP to get addresses
|
||||||
# control as we reasonably can, such as not letting the ISP determine our
|
we also disable some options to be certain we retain as much networking
|
||||||
# hostname or DNS configuration
|
control as we reasonably can, such as not letting the ISP determine our
|
||||||
# TODO: IPv6 (prefix delegation)
|
hostname or DNS configuration
|
||||||
|
TODO: IPv6 (prefix delegation)
|
||||||
|
*/
|
||||||
"40-${interfaces.wan.name}" = {
|
"40-${interfaces.wan.name}" = {
|
||||||
matchConfig.Name = "${interfaces.wan.name}";
|
matchConfig.Name = "${interfaces.wan.name}";
|
||||||
networkConfig = {
|
networkConfig = {
|
||||||
Description = "WAN network - connection to fiber ISP jack";
|
Description = "WAN network - connection to fiber ISP jack";
|
||||||
DHCP = true;
|
DHCP = true;
|
||||||
# IPv6AcceptRA = true;
|
/*
|
||||||
# IPv6PrivacyExtensions = true;
|
IPv6AcceptRA = true;
|
||||||
# IPForward = true;
|
IPv6PrivacyExtensions = true;
|
||||||
|
IPForward = true;
|
||||||
|
*/
|
||||||
};
|
};
|
||||||
dhcpV6Config = {
|
dhcpV6Config = {
|
||||||
# ForceDHCPv6PDOtherInformation = true;
|
/*
|
||||||
# UseHostname = false;
|
ForceDHCPv6PDOtherInformation = true;
|
||||||
# UseDNS = false;
|
UseHostname = false;
|
||||||
# UseNTP = false;
|
UseDNS = false;
|
||||||
|
UseNTP = false;
|
||||||
|
*/
|
||||||
PrefixDelegationHint = "::/56";
|
PrefixDelegationHint = "::/56";
|
||||||
};
|
};
|
||||||
dhcpV4Config = {
|
dhcpV4Config = {
|
||||||
|
@ -385,17 +422,21 @@ in {
|
||||||
|
|
||||||
services.resolved.enable = false;
|
services.resolved.enable = false;
|
||||||
|
|
||||||
# dnsmasq serves as our DHCP and DNS server
|
/*
|
||||||
# almost all the configuration should be derived from the values at the top of
|
dnsmasq serves as our DHCP and DNS server
|
||||||
# this file
|
almost all the configuration should be derived from the values at the top of
|
||||||
|
this file
|
||||||
|
*/
|
||||||
services.dnsmasq = {
|
services.dnsmasq = {
|
||||||
enable = true;
|
enable = true;
|
||||||
settings = {
|
settings = {
|
||||||
listen-address = "::,127.0.0.1,${ip}";
|
listen-address = "::,127.0.0.1,${ip}";
|
||||||
port = 53;
|
port = 53;
|
||||||
|
|
||||||
# dhcp-authoritative = true;
|
/*
|
||||||
# dnssec = true;
|
dhcp-authoritative = true;
|
||||||
|
dnssec = true;
|
||||||
|
*/
|
||||||
enable-ra = true;
|
enable-ra = true;
|
||||||
|
|
||||||
server = ["1.1.1.1" "9.9.9.9" "8.8.8.8"];
|
server = ["1.1.1.1" "9.9.9.9" "8.8.8.8"];
|
||||||
|
@ -448,8 +489,10 @@ in {
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
# since the home network reserves port 22 for ssh to the big server and to
|
/*
|
||||||
# gitea, the router uses port 2201 for ssh
|
since the home network reserves port 22 for ssh to the big server and to
|
||||||
|
gitea, the router uses port 2201 for ssh
|
||||||
|
*/
|
||||||
services.openssh.listenAddresses = [
|
services.openssh.listenAddresses = [
|
||||||
{
|
{
|
||||||
addr = "0.0.0.0";
|
addr = "0.0.0.0";
|
||||||
|
@ -473,252 +516,254 @@ in {
|
||||||
|
|
||||||
system.stateVersion = "24.05";
|
system.stateVersion = "24.05";
|
||||||
|
|
||||||
# NOTE: everything from here on is deprecated or old stuff
|
/*
|
||||||
|
NOTE: everything from here on is deprecated or old stuff
|
||||||
|
|
||||||
# TODO: may not be strictly necessary for IPv6?
|
TODO: may not be strictly necessary for IPv6?
|
||||||
# TODO: also may not even be the best implementation?
|
TODO: also may not even be the best implementation?
|
||||||
# services.radvd = {
|
services.radvd = {
|
||||||
# enable = false;
|
enable = false;
|
||||||
# # NOTE: this config is just the default arch linux config I think and may
|
## NOTE: this config is just the default arch linux config I think and may
|
||||||
# # need tweaking? this is what I had on the arch linux router, though :shrug:
|
## need tweaking? this is what I had on the arch linux router, though :shrug:
|
||||||
# config = ''
|
config = ''
|
||||||
# interface lo
|
interface lo
|
||||||
# {
|
{
|
||||||
# AdvSendAdvert on;
|
AdvSendAdvert on;
|
||||||
# MinRtrAdvInterval 3;
|
MinRtrAdvInterval 3;
|
||||||
# MaxRtrAdvInterval 10;
|
MaxRtrAdvInterval 10;
|
||||||
# AdvDefaultPreference low;
|
AdvDefaultPreference low;
|
||||||
# AdvHomeAgentFlag off;
|
AdvHomeAgentFlag off;
|
||||||
|
|
||||||
# prefix 2001:db8:1:0::/64
|
prefix 2001:db8:1:0::/64
|
||||||
# {
|
{
|
||||||
# AdvOnLink on;
|
AdvOnLink on;
|
||||||
# AdvAutonomous on;
|
AdvAutonomous on;
|
||||||
# AdvRouterAddr off;
|
AdvRouterAddr off;
|
||||||
# };
|
};
|
||||||
|
|
||||||
# prefix 0:0:0:1234::/64
|
prefix 0:0:0:1234::/64
|
||||||
# {
|
{
|
||||||
# AdvOnLink on;
|
AdvOnLink on;
|
||||||
# AdvAutonomous on;
|
AdvAutonomous on;
|
||||||
# AdvRouterAddr off;
|
AdvRouterAddr off;
|
||||||
# Base6to4Interface ppp0;
|
Base6to4Interface ppp0;
|
||||||
# AdvPreferredLifetime 120;
|
AdvPreferredLifetime 120;
|
||||||
# AdvValidLifetime 300;
|
AdvValidLifetime 300;
|
||||||
# };
|
};
|
||||||
|
|
||||||
# route 2001:db0:fff::/48
|
route 2001:db0:fff::/48
|
||||||
# {
|
{
|
||||||
# AdvRoutePreference high;
|
AdvRoutePreference high;
|
||||||
# AdvRouteLifetime 3600;
|
AdvRouteLifetime 3600;
|
||||||
# };
|
};
|
||||||
|
|
||||||
# RDNSS 2001:db8::1 2001:db8::2
|
RDNSS 2001:db8::1 2001:db8::2
|
||||||
# {
|
{
|
||||||
# AdvRDNSSLifetime 30;
|
AdvRDNSSLifetime 30;
|
||||||
# };
|
};
|
||||||
|
|
||||||
# DNSSL branch.example.com example.com
|
DNSSL branch.example.com example.com
|
||||||
# {
|
{
|
||||||
# AdvDNSSLLifetime 30;
|
AdvDNSSLLifetime 30;
|
||||||
# };
|
};
|
||||||
# };
|
};
|
||||||
# '';
|
'';
|
||||||
# };
|
};
|
||||||
|
|
||||||
# TODO: old config, should be deleted ASAP
|
TODO: old config, should be deleted ASAP
|
||||||
# services.dnsmasq = {
|
services.dnsmasq = {
|
||||||
# enable = false;
|
enable = false;
|
||||||
# settings = {
|
settings = {
|
||||||
# # server endpoints
|
# server endpoints
|
||||||
# listen-address = "::1,127.0.0.1,${ip}";
|
listen-address = "::1,127.0.0.1,${ip}";
|
||||||
# port = "53";
|
port = "53";
|
||||||
|
|
||||||
# # DNS cache entries
|
# DNS cache entries
|
||||||
# cache-size = "10000";
|
cache-size = "10000";
|
||||||
|
|
||||||
# # local domain entries
|
# local domain entries
|
||||||
# local = "/lan/";
|
local = "/lan/";
|
||||||
# domain = "lan";
|
domain = "lan";
|
||||||
# expand-hosts = true;
|
expand-hosts = true;
|
||||||
|
|
||||||
# dhcp-authoritative = true;
|
dhcp-authoritative = true;
|
||||||
|
|
||||||
# conf-file = "/usr/share/dnsmasq/trust-anchors.conf";
|
conf-file = "/usr/share/dnsmasq/trust-anchors.conf";
|
||||||
# dnssec = true;
|
dnssec = true;
|
||||||
|
|
||||||
# except-interface = "${wan_if}";
|
except-interface = "${wan_if}";
|
||||||
# interface = "${lan_if}";
|
interface = "${lan_if}";
|
||||||
|
|
||||||
# enable-ra = true;
|
enable-ra = true;
|
||||||
|
|
||||||
# # dhcp-option = "121,${cidr},${ip}";
|
# dhcp-option = "121,${cidr},${ip}";
|
||||||
|
|
||||||
# dhcp-range = [
|
dhcp-range = [
|
||||||
# "lan,${dhcp_lease_space.min},${dhcp_lease_space.max},${netmask},10m"
|
"lan,${dhcp_lease_space.min},${dhcp_lease_space.max},${netmask},10m"
|
||||||
# "tag:${lan_if},::1,constructor:${lan_if},ra-names,12h"
|
"tag:${lan_if},::1,constructor:${lan_if},ra-names,12h"
|
||||||
# ];
|
];
|
||||||
|
|
||||||
# dhcp-host = [
|
dhcp-host = [
|
||||||
# "${hosts.dragon.host},${hosts.dragon.ip},12h"
|
"${hosts.dragon.host},${hosts.dragon.ip},12h"
|
||||||
# "${hosts.beefcake.host},${hosts.beefcake.ip},12h"
|
"${hosts.beefcake.host},${hosts.beefcake.ip},12h"
|
||||||
# ];
|
];
|
||||||
|
|
||||||
# # may need to go in /etc/hosts (networking.extraHosts), too?
|
# may need to go in /etc/hosts (networking.extraHosts), too?
|
||||||
# address = [
|
address = [
|
||||||
# "/video.lyte.dev/192.168.0.9"
|
"/video.lyte.dev/192.168.0.9"
|
||||||
# "/git.lyte.dev/192.168.0.9"
|
"/git.lyte.dev/192.168.0.9"
|
||||||
# "/bw.lyte.dev/192.168.0.9"
|
"/bw.lyte.dev/192.168.0.9"
|
||||||
# "/files.lyte.dev/192.168.0.9"
|
"/files.lyte.dev/192.168.0.9"
|
||||||
# "/vpn.h.lyte.dev/192.168.0.9"
|
"/vpn.h.lyte.dev/192.168.0.9"
|
||||||
# "/.h.lyte.dev/192.168.0.9"
|
"/.h.lyte.dev/192.168.0.9"
|
||||||
# ];
|
];
|
||||||
|
|
||||||
# server = [
|
server = [
|
||||||
# "${ip}"
|
"${ip}"
|
||||||
# "8.8.8.8"
|
"8.8.8.8"
|
||||||
# "8.8.4.4"
|
"8.8.4.4"
|
||||||
# "1.1.1.1"
|
"1.1.1.1"
|
||||||
# "1.0.0.1"
|
"1.0.0.1"
|
||||||
# ];
|
];
|
||||||
# };
|
};
|
||||||
# };
|
};
|
||||||
|
|
||||||
# TODO: old config, should be deleted ASAP
|
TODO: old config, should be deleted ASAP
|
||||||
# nftables = {
|
nftables = {
|
||||||
# enable = false;
|
enable = false;
|
||||||
# flushRuleset = true;
|
flushRuleset = true;
|
||||||
|
|
||||||
# tables = {
|
tables = {
|
||||||
# filter = {
|
filter = {
|
||||||
# family = "inet";
|
family = "inet";
|
||||||
# content = ''
|
content = ''
|
||||||
# chain input {
|
chain input {
|
||||||
# # type filter hook input priority filter; policy accept;
|
# type filter hook input priority filter; policy accept;
|
||||||
# type filter hook input priority 0;
|
type filter hook input priority 0;
|
||||||
|
|
||||||
# # anything from loopback interface
|
# anything from loopback interface
|
||||||
# iifname "lo" accept
|
iifname "lo" accept
|
||||||
|
|
||||||
# # accept traffic we originated
|
# accept traffic we originated
|
||||||
# ct state { established, related } counter accept
|
ct state { established, related } counter accept
|
||||||
# ct state invalid counter drop
|
ct state invalid counter drop
|
||||||
|
|
||||||
# # ICMP
|
# ICMP
|
||||||
# ip6 nexthdr icmpv6 icmpv6 type { echo-request, nd-neighbor-solicit, nd-neighbor-advert, nd-router-solicit, nd-router-advert, mld-listener-query, destination-unreachable, packet-too-big, time-exceeded, parameter-problem } counter accept
|
ip6 nexthdr icmpv6 icmpv6 type { echo-request, nd-neighbor-solicit, nd-neighbor-advert, nd-router-solicit, nd-router-advert, mld-listener-query, destination-unreachable, packet-too-big, time-exceeded, parameter-problem } counter accept
|
||||||
# ip protocol icmp icmp type { echo-request, destination-unreachable, router-advertisement, time-exceeded, parameter-problem } counter accept
|
ip protocol icmp icmp type { echo-request, destination-unreachable, router-advertisement, time-exceeded, parameter-problem } counter accept
|
||||||
# ip protocol icmpv6 counter accept
|
ip protocol icmpv6 counter accept
|
||||||
# ip protocol icmp counter accept
|
ip protocol icmp counter accept
|
||||||
# meta l4proto ipv6-icmp counter accept
|
meta l4proto ipv6-icmp counter accept
|
||||||
# udp dport dhcpv6-client counter accept
|
udp dport dhcpv6-client counter accept
|
||||||
|
|
||||||
# tcp dport { 64022, 22, 53, 67, 25565 } counter accept
|
tcp dport { 64022, 22, 53, 67, 25565 } counter accept
|
||||||
# udp dport { 64020, 22, 53, 67 } counter accept
|
udp dport { 64020, 22, 53, 67 } counter accept
|
||||||
|
|
||||||
# # iifname "iot" ip saddr $iot-ip tcp dport { llmnr } counter accept
|
## iifname "iot" ip saddr $iot-ip tcp dport { llmnr } counter accept
|
||||||
# # iifname "iot" ip saddr $iot-ip udp dport { mdns, llmnr } counter accept
|
## iifname "iot" ip saddr $iot-ip udp dport { mdns, llmnr } counter accept
|
||||||
# iifname "${lan_if}" tcp dport { llmnr } counter accept
|
iifname "${lan_if}" tcp dport { llmnr } counter accept
|
||||||
# iifname "${lan_if}" udp dport { mdns, llmnr } counter accept
|
iifname "${lan_if}" udp dport { mdns, llmnr } counter accept
|
||||||
|
|
||||||
# counter drop
|
counter drop
|
||||||
# }
|
}
|
||||||
|
|
||||||
# # allow all outgoing
|
# allow all outgoing
|
||||||
# chain output {
|
chain output {
|
||||||
# type filter hook output priority 0;
|
type filter hook output priority 0;
|
||||||
# accept
|
accept
|
||||||
# }
|
}
|
||||||
|
|
||||||
# chain forward {
|
chain forward {
|
||||||
# type filter hook forward priority 0;
|
type filter hook forward priority 0;
|
||||||
# accept
|
accept
|
||||||
# }
|
}
|
||||||
# '';
|
'';
|
||||||
# };
|
};
|
||||||
|
|
||||||
# nat = {
|
nat = {
|
||||||
# family = "ip";
|
family = "ip";
|
||||||
# content = ''
|
content = ''
|
||||||
# set masq_saddr {
|
set masq_saddr {
|
||||||
# type ipv4_addr
|
type ipv4_addr
|
||||||
# flags interval
|
flags interval
|
||||||
# elements = { ${cidr} }
|
elements = { ${cidr} }
|
||||||
# }
|
}
|
||||||
|
|
||||||
# map map_port_ipport {
|
map map_port_ipport {
|
||||||
# type inet_proto . inet_service : ipv4_addr . inet_service
|
type inet_proto . inet_service : ipv4_addr . inet_service
|
||||||
# }
|
}
|
||||||
|
|
||||||
# chain prerouting {
|
chain prerouting {
|
||||||
# iifname ${lan_if} accept
|
iifname ${lan_if} accept
|
||||||
|
|
||||||
# type nat hook prerouting priority dstnat + 1; policy accept;
|
type nat hook prerouting priority dstnat + 1; policy accept;
|
||||||
# fib daddr type local dnat ip addr . port to meta l4proto . th dport map @map_port_ipport
|
fib daddr type local dnat ip addr . port to meta l4proto . th dport map @map_port_ipport
|
||||||
|
|
||||||
# iifname ${wan_if} tcp dport { 22, 80, 443, 25565, 64022 } dnat to ${hosts.beefcake.ip}
|
iifname ${wan_if} tcp dport { 22, 80, 443, 25565, 64022 } dnat to ${hosts.beefcake.ip}
|
||||||
# iifname ${wan_if} udp dport { 64020 } dnat to ${hosts.beefcake.ip}
|
iifname ${wan_if} udp dport { 64020 } dnat to ${hosts.beefcake.ip}
|
||||||
|
|
||||||
# # iifname ${wan_if} tcp dport { 25565 } dnat to 192.168.0.244
|
## iifname ${wan_if} tcp dport { 25565 } dnat to 192.168.0.244
|
||||||
# # iifname ${wan_if} udp dport { 25565 } dnat to 192.168.0.244
|
## iifname ${wan_if} udp dport { 25565 } dnat to 192.168.0.244
|
||||||
|
|
||||||
# # router
|
## router
|
||||||
# iifname ${wan_if} tcp dport { 2201 } dnat to ${ip}
|
iifname ${wan_if} tcp dport { 2201 } dnat to ${ip}
|
||||||
# }
|
}
|
||||||
|
|
||||||
# chain output {
|
chain output {
|
||||||
# type nat hook output priority -99; policy accept;
|
type nat hook output priority -99; policy accept;
|
||||||
# ip daddr != 127.0.0.0/8 oif "lo" dnat ip addr . port to meta l4proto . th dport map @map_port_ipport
|
ip daddr != 127.0.0.0/8 oif "lo" dnat ip addr . port to meta l4proto . th dport map @map_port_ipport
|
||||||
# }
|
}
|
||||||
|
|
||||||
# chain postrouting {
|
chain postrouting {
|
||||||
# type nat hook postrouting priority srcnat + 1; policy accept;
|
type nat hook postrouting priority srcnat + 1; policy accept;
|
||||||
# oifname ${lan_if} masquerade
|
oifname ${lan_if} masquerade
|
||||||
# ip saddr @masq_saddr masquerade
|
ip saddr @masq_saddr masquerade
|
||||||
# }
|
}
|
||||||
# '';
|
'';
|
||||||
# };
|
};
|
||||||
# };
|
};
|
||||||
# };
|
};
|
||||||
|
|
||||||
# TODO: also want to try to avoid using dhcpcd for IPv6 since systemd-networkd
|
TODO: also want to try to avoid using dhcpcd for IPv6 since systemd-networkd
|
||||||
# should be sufficient?
|
should be sufficient?
|
||||||
# dhcpcd = {
|
dhcpcd = {
|
||||||
# enable = false;
|
enable = false;
|
||||||
# extraConfig = ''
|
extraConfig = ''
|
||||||
# duid
|
duid
|
||||||
|
|
||||||
# # No way.... https://github.com/NetworkConfiguration/dhcpcd/issues/36#issuecomment-954777644
|
## No way.... https://github.com/NetworkConfiguration/dhcpcd/issues/36#issuecomment-954777644
|
||||||
# # issues caused by guests with oneplus devices
|
## issues caused by guests with oneplus devices
|
||||||
# noarp
|
noarp
|
||||||
|
|
||||||
# persistent
|
persistent
|
||||||
# vendorclassid
|
vendorclassid
|
||||||
|
|
||||||
# option domain_name_servers, domain_name, domain_search
|
option domain_name_servers, domain_name, domain_search
|
||||||
# option classless_static_routes
|
option classless_static_routes
|
||||||
# option interface_mtu
|
option interface_mtu
|
||||||
# option host_name
|
option host_name
|
||||||
# #option ntp_servers
|
#option ntp_servers
|
||||||
|
|
||||||
# require dhcp_server_identifier
|
require dhcp_server_identifier
|
||||||
# slaac private
|
slaac private
|
||||||
# noipv4ll
|
noipv4ll
|
||||||
# noipv6rs
|
noipv6rs
|
||||||
|
|
||||||
# static domain_name_servers=${ip}
|
static domain_name_servers=${ip}
|
||||||
|
|
||||||
# interface ${wan_if}
|
interface ${wan_if}
|
||||||
# gateway
|
gateway
|
||||||
# ipv6rs
|
ipv6rs
|
||||||
# iaid 1
|
iaid 1
|
||||||
# # option rapid_commit
|
## option rapid_commit
|
||||||
# # ia_na 1
|
## ia_na 1
|
||||||
# ia_pd 1 ${lan_if}
|
ia_pd 1 ${lan_if}
|
||||||
|
|
||||||
# interface ${lan_if}
|
interface ${lan_if}
|
||||||
# static ip_address=${cidr}
|
static ip_address=${cidr}
|
||||||
# static routers=${ip}
|
static routers=${ip}
|
||||||
# static domain_name_servers=${ip}
|
static domain_name_servers=${ip}
|
||||||
# '';
|
'';
|
||||||
# };
|
};
|
||||||
|
*/
|
||||||
}
|
}
|
||||||
|
|
|
@ -5,9 +5,6 @@
|
||||||
}: {
|
}: {
|
||||||
networking.hostName = "thablet";
|
networking.hostName = "thablet";
|
||||||
|
|
||||||
home-manager.users.daniel = {
|
|
||||||
};
|
|
||||||
|
|
||||||
boot.loader.systemd-boot.enable = true;
|
boot.loader.systemd-boot.enable = true;
|
||||||
|
|
||||||
services.fprintd = {
|
services.fprintd = {
|
||||||
|
@ -48,7 +45,11 @@
|
||||||
|
|
||||||
hardware.bluetooth = {
|
hardware.bluetooth = {
|
||||||
enable = true;
|
enable = true;
|
||||||
powerOnBoot = true;
|
powerOnBoot = false;
|
||||||
|
};
|
||||||
|
|
||||||
|
services.power-profiles-daemon = {
|
||||||
|
enable = true;
|
||||||
};
|
};
|
||||||
|
|
||||||
networking = {
|
networking = {
|
||||||
|
@ -61,5 +62,19 @@
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
|
home-manager.users.daniel = {
|
||||||
|
wayland.windowManager.sway = {
|
||||||
|
config = {
|
||||||
|
output = {
|
||||||
|
"AU Optronics 0x2236 Unknown" = {
|
||||||
|
mode = "2560x1440@60Hz";
|
||||||
|
position = "0,0";
|
||||||
|
scale = toString 1.25;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
system.stateVersion = "24.05";
|
system.stateVersion = "24.05";
|
||||||
}
|
}
|
||||||
|
|
|
@ -6,10 +6,12 @@
|
||||||
efi.canTouchEfiVariables = true;
|
efi.canTouchEfiVariables = true;
|
||||||
systemd-boot.enable = true;
|
systemd-boot.enable = true;
|
||||||
};
|
};
|
||||||
# sudo filefrag -v /swap/swapfile | awk '$1=="0:" {print substr($4, 1, length($4)-2)}'
|
/*
|
||||||
# the above won't work for btrfs, instead you need
|
sudo filefrag -v /swap/swapfile | awk '$1=="0:" {print substr($4, 1, length($4)-2)}'
|
||||||
# btrfs inspect-internal map-swapfile -r /swap/swapfile
|
the above won't work for btrfs, instead you need
|
||||||
# https://wiki.archlinux.org/title/Power_management/Suspend_and_hibernate#Hibernation_into_swap_file
|
btrfs inspect-internal map-swapfile -r /swap/swapfile
|
||||||
|
https://wiki.archlinux.org/title/Power_management/Suspend_and_hibernate#Hibernation_into_swap_file
|
||||||
|
*/
|
||||||
kernelParams = ["boot.shell_on_fail"];
|
kernelParams = ["boot.shell_on_fail"];
|
||||||
initrd.availableKernelModules = ["xhci_pci" "nvme" "ahci"];
|
initrd.availableKernelModules = ["xhci_pci" "nvme" "ahci"];
|
||||||
};
|
};
|
||||||
|
|
|
@ -5,22 +5,28 @@
|
||||||
pkgs = import nixpkgs {inherit (final) system;};
|
pkgs = import nixpkgs {inherit (final) system;};
|
||||||
};
|
};
|
||||||
|
|
||||||
# This one contains whatever you want to overlay
|
/*
|
||||||
# You can change versions, add patches, set compilation flags, anything really.
|
This one contains whatever you want to overlay
|
||||||
# https://nixos.wiki/wiki/Overlays
|
You can change versions, add patches, set compilation flags, anything really.
|
||||||
|
https://nixos.wiki/wiki/Overlays
|
||||||
|
*/
|
||||||
modifications = final: prev: {
|
modifications = final: prev: {
|
||||||
# final.fprintd = prev.fprintd.overrideAttrs {
|
/*
|
||||||
# # Source: https://github.com/NixOS/nixpkgs/commit/87ca2dc071581aea0e691c730d6844f1beb07c9f
|
final.fprintd = prev.fprintd.overrideAttrs {
|
||||||
# mesonCheckFlags = [
|
# Source: https://github.com/NixOS/nixpkgs/commit/87ca2dc071581aea0e691c730d6844f1beb07c9f
|
||||||
# # PAM related checks are timing out
|
mesonCheckFlags = [
|
||||||
# "--no-suite"
|
# PAM related checks are timing out
|
||||||
# "fprintd:TestPamFprintd"
|
"--no-suite"
|
||||||
# ];
|
"fprintd:TestPamFprintd"
|
||||||
# };
|
];
|
||||||
|
};
|
||||||
|
*/
|
||||||
};
|
};
|
||||||
|
|
||||||
# When applied, the unstable nixpkgs set (declared in the flake inputs) will
|
/*
|
||||||
# be accessible through 'pkgs.unstable'
|
When applied, the unstable nixpkgs set (declared in the flake inputs) will
|
||||||
|
be accessible through 'pkgs.unstable'
|
||||||
|
*/
|
||||||
unstable-packages = final: _prev: {
|
unstable-packages = final: _prev: {
|
||||||
unstable = import nixpkgs {
|
unstable = import nixpkgs {
|
||||||
system = final.system;
|
system = final.system;
|
||||||
|
|
|
@ -34,10 +34,10 @@ in ((iosevka.override {
|
||||||
menu = 900
|
menu = 900
|
||||||
css = 900
|
css = 900
|
||||||
|
|
||||||
# [[buildPlans.Iosevka${set}.compatibility-ligatures]]
|
## [[buildPlans.Iosevka${set}.compatibility-ligatures]]
|
||||||
# unicode = 57600 # 0xE100
|
## unicode = 57600 # 0xE100
|
||||||
# featureTag = 'calt'
|
## featureTag = 'calt'
|
||||||
# kequence = '<*>'
|
## kequence = '<*>'
|
||||||
|
|
||||||
[buildPlans.Iosevka${set}.variants]
|
[buildPlans.Iosevka${set}.variants]
|
||||||
inherits = "ss01"
|
inherits = "ss01"
|
||||||
|
|
|
@ -15,7 +15,9 @@ plausible-admin-password: ENC[AES256_GCM,data:dC9olypZgMLdPOsmjthOaa/fMLtbGBlF9A
|
||||||
plausible-erlang-cookie: ENC[AES256_GCM,data:zhmC+D6EjIE8Rw91lIrMqY0QIazTX1e1jBzcZJP/76B9VvHWZ5bCkP1+KdfCY0lk3wIEq5vRfb8=,iv:RNNjlV3OFtXn1N0a5fEb/3FWzcHX19wtCLMdaVlKNJ0=,tag:8iU5oFVbzd0eMe5Mo1PiAw==,type:str]
|
plausible-erlang-cookie: ENC[AES256_GCM,data:zhmC+D6EjIE8Rw91lIrMqY0QIazTX1e1jBzcZJP/76B9VvHWZ5bCkP1+KdfCY0lk3wIEq5vRfb8=,iv:RNNjlV3OFtXn1N0a5fEb/3FWzcHX19wtCLMdaVlKNJ0=,tag:8iU5oFVbzd0eMe5Mo1PiAw==,type:str]
|
||||||
plausible-secret-key-base: ENC[AES256_GCM,data:ylakPGzY4S9640krl0fxYgm0Getf0+I7zthyTqTD/IpVhz5xgYBYx3Y2lSNa9Oi9yQ7+f9OdOBC6nc7n6MuUBg==,iv:YLPax/cRjMdIFti26gJd8COKr+3jXNZ7HCA5VvQVyAo=,tag:LHqYi590oEIp1IihLcFTtw==,type:str]
|
plausible-secret-key-base: ENC[AES256_GCM,data:ylakPGzY4S9640krl0fxYgm0Getf0+I7zthyTqTD/IpVhz5xgYBYx3Y2lSNa9Oi9yQ7+f9OdOBC6nc7n6MuUBg==,iv:YLPax/cRjMdIFti26gJd8COKr+3jXNZ7HCA5VvQVyAo=,tag:LHqYi590oEIp1IihLcFTtw==,type:str]
|
||||||
nextcloud-admin-password: ENC[AES256_GCM,data:QaoSZyommeGED3nWNru92UVO2tjk24HE9fWX7ExYT101o4ZL411TmV1TXHSyfwjmE7yLIm1K/j4xpEbIY3zvFg==,iv:xC5EZVPHumVPOob5jiiXMFAmdFQcFSUPtZgioAgGDDs=,tag:Q/kY38XWkGsqcmCkd2lodg==,type:str]
|
nextcloud-admin-password: ENC[AES256_GCM,data:QaoSZyommeGED3nWNru92UVO2tjk24HE9fWX7ExYT101o4ZL411TmV1TXHSyfwjmE7yLIm1K/j4xpEbIY3zvFg==,iv:xC5EZVPHumVPOob5jiiXMFAmdFQcFSUPtZgioAgGDDs=,tag:Q/kY38XWkGsqcmCkd2lodg==,type:str]
|
||||||
|
grafana-admin-password: ENC[AES256_GCM,data:SpxQ7FgFoF5cZj5+1ug=,iv:NaQPIqFE62PHC14rT/xqYchdt7IykS8jJhuGRcC2SjM=,tag:Q8QtHiE4Beh5GG/IcvjG4w==,type:str]
|
||||||
netlify-ddns-password: ENC[AES256_GCM,data:mz9MS93ZPbtziwo56DP27q5ZgA1rgCptQpgTPrq2Ihc3KjSxSACJ6p6t8NjRPr4lSDLPzDa47OnRct/N4fcm5Q==,iv:upOh9S0wvTXBwfso3GhQzpl5befY0T0hTW/LGNcvv0k=,tag:/LNP0wIaxtExulV0blVkXA==,type:str]
|
netlify-ddns-password: ENC[AES256_GCM,data:mz9MS93ZPbtziwo56DP27q5ZgA1rgCptQpgTPrq2Ihc3KjSxSACJ6p6t8NjRPr4lSDLPzDa47OnRct/N4fcm5Q==,iv:upOh9S0wvTXBwfso3GhQzpl5befY0T0hTW/LGNcvv0k=,tag:/LNP0wIaxtExulV0blVkXA==,type:str]
|
||||||
|
grafana-smtp-password: ENC[AES256_GCM,data:eSzFlEcgSPEy7p0QW6Pr6Z86TRHuuIJcM7nSI7bBBFy/9/VQaYk6+Ztu049ZGrejPNk=,iv:o14YoiTE4dCKw/Rbh/B2m2b5oyitvaB+FnLxydgu75c=,tag:4iRngd9OiZMq5RTVKdklHw==,type:str]
|
||||||
#ENC[AES256_GCM,data:IDauOj95sPt6LQkNWOaAV3AR7XPHJljX7Gef/IgtzC227ln7aKpVLCbhxD6pNTwd9/KhIXJp3vagCjfgkO/utA==,iv:Pn5jIPsFMBA2xnp3SUBgBug1NN8d3h3zy1pGVzO2hO0=,tag:NzhLA7nqE7SRRMV+rKgCjQ==,type:comment]
|
#ENC[AES256_GCM,data:IDauOj95sPt6LQkNWOaAV3AR7XPHJljX7Gef/IgtzC227ln7aKpVLCbhxD6pNTwd9/KhIXJp3vagCjfgkO/utA==,iv:Pn5jIPsFMBA2xnp3SUBgBug1NN8d3h3zy1pGVzO2hO0=,tag:NzhLA7nqE7SRRMV+rKgCjQ==,type:comment]
|
||||||
forgejo-runner.env: ENC[AES256_GCM,data:x4EaDzK4W34ZEZ/Inakore2YABZf8e7TBBjoC6xTPZ9GBrSZCE85FOcHAmMXPDo=,iv:bNGOsLnhxnlC/opCKT1DSsGoWdmgJ8NgEPY3ySlN108=,tag:Ijp3qHBSdv6EDaZdomJhAA==,type:str]
|
forgejo-runner.env: ENC[AES256_GCM,data:x4EaDzK4W34ZEZ/Inakore2YABZf8e7TBBjoC6xTPZ9GBrSZCE85FOcHAmMXPDo=,iv:bNGOsLnhxnlC/opCKT1DSsGoWdmgJ8NgEPY3ySlN108=,tag:Ijp3qHBSdv6EDaZdomJhAA==,type:str]
|
||||||
jland.env: ENC[AES256_GCM,data:u+QKwKWG9NFduuofhe3aatof3KoC0N4ZpNOD8E/7l0BTSoTe5Tqmz5/33EOcBUw99+YLFR4kTJwdUmLWHk4UD87aGsJ4liPCtXnBsToAzBGg0I3mhGQ/QM8iKXMW9oKb3ciapitQBuJa1WIp5/bHNtCXWQ==,iv:iZDET5EWM4DnAoQqLP9+Ll4S+mFHt2wZ3ENtN79Dbqw=,tag:qVpocN3FxlHfte2hAmtGPA==,type:str]
|
jland.env: ENC[AES256_GCM,data:u+QKwKWG9NFduuofhe3aatof3KoC0N4ZpNOD8E/7l0BTSoTe5Tqmz5/33EOcBUw99+YLFR4kTJwdUmLWHk4UD87aGsJ4liPCtXnBsToAzBGg0I3mhGQ/QM8iKXMW9oKb3ciapitQBuJa1WIp5/bHNtCXWQ==,iv:iZDET5EWM4DnAoQqLP9+Ll4S+mFHt2wZ3ENtN79Dbqw=,tag:qVpocN3FxlHfte2hAmtGPA==,type:str]
|
||||||
|
@ -24,6 +26,8 @@ api.lyte.dev: ENC[AES256_GCM,data:14C5GQ41m/g7qHPzxlYoWjKWDOcm7MEDkuSofiuLfRNc/n
|
||||||
restic-rascal-passphrase: ENC[AES256_GCM,data:yonKbBh4riGwxc/qcj8F/qrgAtA1sWhYejw9rdOTdCNW3a7zL/Ny1+XCI/P3bMOsY6UTmg/gxA2itp4cSbvqjg==,iv:5GwaEExn7b3dIkCVehLxaBXW+nUuSexY/bcqfCUwF5Q=,tag:dinyyw2XeVoSnw/IsYfK0w==,type:str]
|
restic-rascal-passphrase: ENC[AES256_GCM,data:yonKbBh4riGwxc/qcj8F/qrgAtA1sWhYejw9rdOTdCNW3a7zL/Ny1+XCI/P3bMOsY6UTmg/gxA2itp4cSbvqjg==,iv:5GwaEExn7b3dIkCVehLxaBXW+nUuSexY/bcqfCUwF5Q=,tag:dinyyw2XeVoSnw/IsYfK0w==,type:str]
|
||||||
restic-rascal-ssh-private-key: ENC[AES256_GCM,data:ddsOs0XsayyQI9qc6LzwQpdDnfwNpbj8PbBJ5fyuqtlVNYndeLxaYcbZI2ULSUhgR1tN0FS+ggGTHQhVvjwksNvpskUGHNKkSLKH3D/mn5N9tsoeAblN4gZsloZdqXBVzEehumcQMdhh6iy6NkNbuinKrVKDhLV25PrFKuSBEYw9VHU7HAMW5Tfop3RzBXjZWETCDAR2OQa7d1dXsJ0Kw6b9RFmRe5MGQ0J7YhjdTg26JGMMVSeHvr5UbiUJkGA5RvOLEDM2Dfai7Lf8yRPZVxUl+rdRsNvNYEoYGu5rGLUFcuqIbQ+s40dP2uXwWauwkIvHUjEahkbP0httj4Kg3qIJBRPg7OuS+MOwAnLEAs3hl5zeBV396yA9qjWW8nhnbml58/uFFbfXbJWTM3r8cMpFbHKD+Ojo/99fm5Vy3pAMzNzEsHOaT+iyDYyNkV5OH1GyKK9n7kIRLdqmWe7GmaKXlwVvNUPi3RvLX9VXq83a4BuupFyTmaNfPGMs/17830aleV674+QVgKh3VyFtuJy6KBpMXDv16wFo,iv:S2I3h6pmKLxEc29E0zn2b8lscqA//5/ZMTV9q+/tdvs=,tag:ALeCT+nrVPDfS21xC555sA==,type:str]
|
restic-rascal-ssh-private-key: ENC[AES256_GCM,data:ddsOs0XsayyQI9qc6LzwQpdDnfwNpbj8PbBJ5fyuqtlVNYndeLxaYcbZI2ULSUhgR1tN0FS+ggGTHQhVvjwksNvpskUGHNKkSLKH3D/mn5N9tsoeAblN4gZsloZdqXBVzEehumcQMdhh6iy6NkNbuinKrVKDhLV25PrFKuSBEYw9VHU7HAMW5Tfop3RzBXjZWETCDAR2OQa7d1dXsJ0Kw6b9RFmRe5MGQ0J7YhjdTg26JGMMVSeHvr5UbiUJkGA5RvOLEDM2Dfai7Lf8yRPZVxUl+rdRsNvNYEoYGu5rGLUFcuqIbQ+s40dP2uXwWauwkIvHUjEahkbP0httj4Kg3qIJBRPg7OuS+MOwAnLEAs3hl5zeBV396yA9qjWW8nhnbml58/uFFbfXbJWTM3r8cMpFbHKD+Ojo/99fm5Vy3pAMzNzEsHOaT+iyDYyNkV5OH1GyKK9n7kIRLdqmWe7GmaKXlwVvNUPi3RvLX9VXq83a4BuupFyTmaNfPGMs/17830aleV674+QVgKh3VyFtuJy6KBpMXDv16wFo,iv:S2I3h6pmKLxEc29E0zn2b8lscqA//5/ZMTV9q+/tdvs=,tag:ALeCT+nrVPDfS21xC555sA==,type:str]
|
||||||
restic-ssh-priv-key-benland: ENC[AES256_GCM,data:G+uiYZTvqXhpJb66j6Q6S+otlXeRX0CdYeMHzSMjIbvbI0AVm0yCU7COO5/O8i47NpvrKKS1kVxVEK8ixLRUowkl3hgRXhxsBIPFnpkMD0ENmJttm4HOpi0qIWMwzPYTjkz/slY4HcTFnCfYy1ZpURQdWwZsr1EdAA05bUMTtM22R3uOMzjO8uf72PCWX7yffo8MxsLmWvNVAOhVlrb2H5KQNR/IquFK3TFoZitq5nVDG9tcEFkX+lgA3zsmCHU/2DvvodgeRoltaAFvgjVznNGf4e5p8owHUtSzX52HwGZRiUlMuhpre2gm1r73n8AyZe41II+LX/85fMfZDdyayIGv3AAMBib8H0/AoChexRcdLQEmzOgRrXsgucDJrWSWP6WMBVyamUm79m5ep0fvL1lJftuJqN0uuq9dBrispdso4x+6jk/pDf5pEM/FE6s1rY832BEb7q0PnjyvVogOez+cIihmMpDdnS0A/8TFzg29i3C+93x5vrt3k7atNzR/jN+/GqX2FKLzxWrrIw2d,iv:IP+N8JQu+XRvwTtBnxu54ujzU5UliltXG3mk9HfJaN8=,tag:4oinE9QMaSh8IfUd/ttM3Q==,type:str]
|
restic-ssh-priv-key-benland: ENC[AES256_GCM,data:G+uiYZTvqXhpJb66j6Q6S+otlXeRX0CdYeMHzSMjIbvbI0AVm0yCU7COO5/O8i47NpvrKKS1kVxVEK8ixLRUowkl3hgRXhxsBIPFnpkMD0ENmJttm4HOpi0qIWMwzPYTjkz/slY4HcTFnCfYy1ZpURQdWwZsr1EdAA05bUMTtM22R3uOMzjO8uf72PCWX7yffo8MxsLmWvNVAOhVlrb2H5KQNR/IquFK3TFoZitq5nVDG9tcEFkX+lgA3zsmCHU/2DvvodgeRoltaAFvgjVznNGf4e5p8owHUtSzX52HwGZRiUlMuhpre2gm1r73n8AyZe41II+LX/85fMfZDdyayIGv3AAMBib8H0/AoChexRcdLQEmzOgRrXsgucDJrWSWP6WMBVyamUm79m5ep0fvL1lJftuJqN0uuq9dBrispdso4x+6jk/pDf5pEM/FE6s1rY832BEb7q0PnjyvVogOez+cIihmMpDdnS0A/8TFzg29i3C+93x5vrt3k7atNzR/jN+/GqX2FKLzxWrrIw2d,iv:IP+N8JQu+XRvwTtBnxu54ujzU5UliltXG3mk9HfJaN8=,tag:4oinE9QMaSh8IfUd/ttM3Q==,type:str]
|
||||||
|
paperless-superuser-password: ENC[AES256_GCM,data:lypWK73mOYI2hyQAW/4T3cDiVtsts3kKb7LZb9ES3n97Kn5l,iv:jBHUBFbb4GqQ3gnK0h5VCaGj3/kd3/eGa1QFiE7+B9I=,tag:UoQar+x1xVnCV2k+9hYjWA==,type:str]
|
||||||
|
factorio-server-settings: ENC[AES256_GCM,data:ItK+/eONdAqNAiQxCrCipUmTdIKt274qwVyNnSdOdxxd67XGozs/xr/cCYwwDiUyKQ7mD8oBLL6EVaHbXpObLwGe0Nsnz5jE9GtI0k5184/jsQ==,iv:Qre+BKhdqNDNuOz0PGZJJpTmQxJdNoTbd5FxRy0lrVs=,tag:G4dFdVclUdagyA84Yh653w==,type:str]
|
||||||
sops:
|
sops:
|
||||||
kms: []
|
kms: []
|
||||||
gcp_kms: []
|
gcp_kms: []
|
||||||
|
@ -48,8 +52,8 @@ sops:
|
||||||
bGpacHFRSkJYUUMwOEh4cVBXZ1NESmsKa5EhZ7148ojCqZldukLcPLr93HqnpNgq
|
bGpacHFRSkJYUUMwOEh4cVBXZ1NESmsKa5EhZ7148ojCqZldukLcPLr93HqnpNgq
|
||||||
rMI0Nyz4Z4lkTVMRpA94zyNTkNwJ02/CYcKi8EJi6jGZnNPUTcnTwg==
|
rMI0Nyz4Z4lkTVMRpA94zyNTkNwJ02/CYcKi8EJi6jGZnNPUTcnTwg==
|
||||||
-----END AGE ENCRYPTED FILE-----
|
-----END AGE ENCRYPTED FILE-----
|
||||||
lastmodified: "2024-09-06T21:22:57Z"
|
lastmodified: "2024-10-14T14:58:39Z"
|
||||||
mac: ENC[AES256_GCM,data:suoBGuZnfZpo55g+sq6MXDvecwhhWRS9gtTlCvnWmSvWT+K8TFXHcz9cLZT5U2N4ueSYJovRoKPoAv9rKgtLHSSg+JKI0b0cErQge75970bTbeMKMl+SJmYF0T0ht5+8n5zjhnQjVo2mHmJJI1IekumsoNJ9+F6USPBidiK0uNU=,iv:7dMsEnXylvn0vVfmU9pQt1BgrqfKdSyoBbNTUZ782Uo=,tag:E3u9LVcdTKa7mjAxQ/m9rw==,type:str]
|
mac: ENC[AES256_GCM,data:cNVTWA2S9SMEqoDz7jHuN/9hO20kDyoR03vKw8D72VJiqDEVvAkYeRu6KmGI7DWcfV/2OIrwVjyt+zry92ksYPmF1Xx8s4hu6Z0ooi7mvNrtSMnOLJ68mfpERbdBBcnvX5YivS50mbPhif/kvb5IgUxIQvo2NGFC9Sj7ZnXLa+U=,iv:kKkHVNJ0JE4CRvQdLAfFHKeL4h3o7Z6HJ57HzsqKTJY=,tag:k9K7NS2TZ0uk9u0yd9IAOg==,type:str]
|
||||||
pgp: []
|
pgp: []
|
||||||
unencrypted_suffix: _unencrypted
|
unencrypted_suffix: _unencrypted
|
||||||
version: 3.9.0
|
version: 3.9.0
|
||||||
|
|
30
secrets/dragon/secrets.yml
Normal file
30
secrets/dragon/secrets.yml
Normal file
|
@ -0,0 +1,30 @@
|
||||||
|
ddns-pass: ENC[AES256_GCM,data:/Dpjl761JLHTM+we1PJs7pkcHcWzBk0jQ1bP4plOYGS4N3vXhXn1bHCYmENlrOwU3riETBZ5OeRA1LvFNZHPQw==,iv:LbgN5utHUBZRV49e6ux7HPG0xt4ydTqyZA+NZuaJnWs=,tag:l0VRaMJ6ie63lej6mZTMPg==,type:str]
|
||||||
|
sops:
|
||||||
|
kms: []
|
||||||
|
gcp_kms: []
|
||||||
|
azure_kv: []
|
||||||
|
hc_vault: []
|
||||||
|
age:
|
||||||
|
- recipient: age1stdue5q5teskee057ced6rh9pzzr93xsy66w4sc3zu49rgxl7cjshztt45
|
||||||
|
enc: |
|
||||||
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBCTitMaFRiK1BSMEcwRmNk
|
||||||
|
Q0hmOGlZSFpkUUhyZkkwSU40QXB5cmlkR1FRCkRhbVBXQ2FjUzRhdEhrSEZKcWhM
|
||||||
|
dTNuVUljU0NSbVQzbXhZeFNENmN5QjgKLS0tIDFncEMrUCtWWTMyUGZIelY5aXB4
|
||||||
|
NmJWeDFSVVoxZCtRWlhNNXNyVWRvY28KgPbg6RScxBrxI0DvD6R7iKm8/70kJLdG
|
||||||
|
FhbgK9d/7UPMfefluEah7vKzXV/dn+/4KsCJuKFFZ1AsM5hDFQ+JGQ==
|
||||||
|
-----END AGE ENCRYPTED FILE-----
|
||||||
|
- recipient: age1ez4why08hdx0qf940cjzs6ep4q5rk2gqq7lp99pe58fktpwv65esx4xrht
|
||||||
|
enc: |
|
||||||
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBXa1owK21QNUovZzZHekpw
|
||||||
|
OWdsSy9ZcmhGNzc1enNGVHRHTTlSb1E5UEJJCkF3MlpYQ1c5UGNySk94aENHMDh2
|
||||||
|
ME1rUlZscHFYSUVwOWFSczZGV2Z5aEEKLS0tIFlXTUFZaVJtWXltZGdEZzJPSjFJ
|
||||||
|
bTdCNS9zMzdvT2NiZVRyT1JzVmRFUFEKguq2i4rnVvGECZlUcEEubXfv4Ya/zI1N
|
||||||
|
3mWQslPHgnnWuwG7flbvafHYnyZCXsMqNKnNDM6wayDgKAbtCx3Syg==
|
||||||
|
-----END AGE ENCRYPTED FILE-----
|
||||||
|
lastmodified: "2024-09-14T12:41:15Z"
|
||||||
|
mac: ENC[AES256_GCM,data:sO3omCYH1urB/qcW3VippCinCUO1cmp5KrUSQk5ms7k+i9xUhdL3tTYHGVTa4PHV6VluukKnHuwAijo+rneNdCeMdIkAEskk/X6SDYgkwmjXuNcNEA4la22EqSrenJ8W3UafHDvP8+vpUKAzVo0E82Vmo9/YNJaqvqQM8PtciSc=,iv:2GboNZpAezZsWK3CbcwVw40zW4CucP3JhsYlvZ/Hy2M=,tag:w3XmkN76oYV+PmliPB01MQ==,type:str]
|
||||||
|
pgp: []
|
||||||
|
unencrypted_suffix: _unencrypted
|
||||||
|
version: 3.9.0
|
30
secrets/router/secrets.yml
Normal file
30
secrets/router/secrets.yml
Normal file
|
@ -0,0 +1,30 @@
|
||||||
|
netlify-ddns-password: ENC[AES256_GCM,data:zp58uV2L+/n/9Cvp1BnQBhdfmNfuyH8C73R6JYrJ3pw0QbEpPpIWuzod9S28QxNq50Bj5/zGzE+D125dkYFX0A==,iv:kceEl04Nb6LWcyjl2fHYjsl0RSO8OulN3DKlDLwjIu4=,tag:nOi2H56dEX9K5okaiDaWOQ==,type:str]
|
||||||
|
sops:
|
||||||
|
kms: []
|
||||||
|
gcp_kms: []
|
||||||
|
azure_kv: []
|
||||||
|
hc_vault: []
|
||||||
|
age:
|
||||||
|
- recipient: age1stdue5q5teskee057ced6rh9pzzr93xsy66w4sc3zu49rgxl7cjshztt45
|
||||||
|
enc: |
|
||||||
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBiQlZqSzBaTUROMkp2K2xI
|
||||||
|
Z0ZIdllGNnlNYnFtVERPbVN6Y1FnWC9aeGlFCnZYci9CblA3VFZsOG5OOXE3cDZj
|
||||||
|
TlZkbU0yY0F1ZDA5amczRVFldU1ZWGcKLS0tIEFTdi9uRFdlQW1MbUdSdm9jRW5n
|
||||||
|
emxsSGN2b3JLZGNYQmVDYk96QUY5aVEK0w7Q/zEsIJKFcQjhgQovmRs4Iv6bhuaz
|
||||||
|
cKn8M/p8dG+p5G50ALsiIiuTFBUM7vmFVF000PxqsEFr0Yl6eDg+uA==
|
||||||
|
-----END AGE ENCRYPTED FILE-----
|
||||||
|
- recipient: age1zd7c3g5d20shdftq8ghqm0r92488dg4pdp4gulur7ex3zx2yq35ssxawpn
|
||||||
|
enc: |
|
||||||
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBZK1lRTlRIc2ZxcllsRFRp
|
||||||
|
aEZIOC80TSt2Ly9MUEdiVGQ5akkrUUJwcDFJClIyMUl0SWY3TXFLcWl0TGw3K3VM
|
||||||
|
N0VWaGpCaVp6MXg4M2pwcnNhNkhPYjQKLS0tIEZOVGVTcUxaMmxBNEVJQ2VFSjRm
|
||||||
|
L2lpaExJM2FkUFdqa3JpalZmOFZYV0kKmXlu5CUIYnNEOlIco3JveS7KdiF2yWTn
|
||||||
|
r/KOKA9/v3zPbnsYc+HETxYNy1OWrQ/qDGIbR6jz8L5+v35FN+larw==
|
||||||
|
-----END AGE ENCRYPTED FILE-----
|
||||||
|
lastmodified: "2024-09-13T05:37:38Z"
|
||||||
|
mac: ENC[AES256_GCM,data:r1qpYSojCuN84FYX1c684XifKMKUPTOl7dvzuoYYuLf+mwbZrD4fUErDmZczzA4g2ttSNNv05bEq5D7XgfoXPcbhqtj/jggxvX4EGLltpo3Jy77EyKabr1c7KsYV3ciYT13sRGzFYrge06wVrUUPpozPfvAbp1qv0CwK4dUg4dc=,iv:Bpnrx8KcZnWkld4f3VRl39xMmaU388KQunig9xohUto=,tag:vKUupMf/dRb5bY8BMV4oVw==,type:str]
|
||||||
|
pgp: []
|
||||||
|
unencrypted_suffix: _unencrypted
|
||||||
|
version: 3.9.0
|
|
@ -47,19 +47,21 @@
|
||||||
src = ./.;
|
src = ./.;
|
||||||
pname = "api.lyte.dev";
|
pname = "api.lyte.dev";
|
||||||
in {
|
in {
|
||||||
# this-package = mixRelease {
|
/*
|
||||||
# inherit pname version src;
|
this-package = mixRelease {
|
||||||
# mixFodDeps = fetchMixDeps {
|
inherit pname version src;
|
||||||
# inherit version src;
|
mixFodDeps = fetchMixDeps {
|
||||||
# pname = "mix-deps-${pname}";
|
inherit version src;
|
||||||
# hash = pkgs.lib.fakeSha256;
|
pname = "mix-deps-${pname}";
|
||||||
# };
|
hash = pkgs.lib.fakeSha256;
|
||||||
# buildInputs = with pkgs; [sqlite];
|
};
|
||||||
# HOME = "$(pwd)";
|
buildInputs = with pkgs; [sqlite];
|
||||||
# MIX_XDG = "$HOME";
|
HOME = "$(pwd)";
|
||||||
# };
|
MIX_XDG = "$HOME";
|
||||||
|
};
|
||||||
|
|
||||||
# default = outputs.packages.${system}.this-package;
|
default = outputs.packages.${system}.this-package;
|
||||||
|
*/
|
||||||
});
|
});
|
||||||
|
|
||||||
devShells = forAllSystems (system: let
|
devShells = forAllSystems (system: let
|
||||||
|
|
|
@ -35,12 +35,14 @@
|
||||||
default = self.outputs.devShells.${pkgs.system}.nix;
|
default = self.outputs.devShells.${pkgs.system}.nix;
|
||||||
});
|
});
|
||||||
|
|
||||||
# packages = genPkgs (pkgs: import ./pkgs {inherit pkgs;});
|
/*
|
||||||
# overlays = import ./overlays self;
|
packages = genPkgs (pkgs: import ./pkgs {inherit pkgs;});
|
||||||
# nixosModules = import ./modules/nixos;
|
overlays = import ./overlays self;
|
||||||
# homeManagerModules = import ./modules/home-manager;
|
nixosModules = import ./modules/nixos;
|
||||||
# nixosConfigurations = import ./nixos;
|
homeManagerModules = import ./modules/home-manager;
|
||||||
# homeConfigurations = import ./home
|
nixosConfigurations = import ./nixos;
|
||||||
# templates = import ./templates;
|
homeConfigurations = import ./home
|
||||||
|
templates = import ./templates;
|
||||||
|
*/
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -22,12 +22,14 @@
|
||||||
alejandra.enable = true;
|
alejandra.enable = true;
|
||||||
# NOTE: These do not work well with `nix flake check` due to pure environments
|
# NOTE: These do not work well with `nix flake check` due to pure environments
|
||||||
# https://github.com/cachix/git-hooks.nix/issues/452
|
# https://github.com/cachix/git-hooks.nix/issues/452
|
||||||
# cargo-check.enable = true;
|
/*
|
||||||
# clippy = {
|
cargo-check.enable = true;
|
||||||
# enable = true;
|
clippy = {
|
||||||
# packageOverrides.cargo = pkgs.cargo;
|
enable = true;
|
||||||
# packageOverrides.clippy = pkgs.rustPackages.clippy;
|
packageOverrides.cargo = pkgs.cargo;
|
||||||
# };
|
packageOverrides.clippy = pkgs.rustPackages.clippy;
|
||||||
|
};
|
||||||
|
*/
|
||||||
rustfmt = {
|
rustfmt = {
|
||||||
enable = true;
|
enable = true;
|
||||||
packageOverrides.rustfmt = pkgs.rustfmt;
|
packageOverrides.rustfmt = pkgs.rustfmt;
|
||||||
|
@ -41,13 +43,15 @@
|
||||||
pname = "kodotag";
|
pname = "kodotag";
|
||||||
version = "0.1.0";
|
version = "0.1.0";
|
||||||
|
|
||||||
# nativeBuildInputs = with pkgs; [
|
/*
|
||||||
# pkg-config
|
nativeBuildInputs = with pkgs; [
|
||||||
# clang
|
pkg-config
|
||||||
# ];
|
clang
|
||||||
|
];
|
||||||
|
|
||||||
# buildInputs = with pkgs; [
|
buildInputs = with pkgs; [
|
||||||
# ];
|
];
|
||||||
|
*/
|
||||||
|
|
||||||
src = ./.;
|
src = ./.;
|
||||||
hash = pkgs.lib.fakeHash;
|
hash = pkgs.lib.fakeHash;
|
||||||
|
|
Loading…
Reference in a new issue