Compare commits
561 commits
reduce-com
...
main
Author | SHA1 | Date | |
---|---|---|---|
afaa34df91 | |||
43c3db7f8a | |||
4982ab72e3 | |||
50c06ebd7f | |||
0baa4cadc7 | |||
5149e4aef0 | |||
7078e5b872 | |||
cce109e79d | |||
43f35b76ce | |||
4f8aea1ef4 | |||
0e38f4dd2a | |||
a49df451a2 | |||
df79b8dc4a | |||
ebfe621f4c | |||
9fdea1fd17 | |||
8c0dd0aa54 | |||
ab352eb08e | |||
d32bba279a | |||
9b24af3def | |||
d5d4a1d96c | |||
5481cdb362 | |||
08f8e07f03 | |||
76ee9ce49b | |||
78cfa9d619 | |||
e0c8f39121 | |||
46d30b8959 | |||
99b8097aa6 | |||
83e98441a7 | |||
db9ec77114 | |||
b7ce066115 | |||
7e8a92ddc7 | |||
6ff76be7e4 | |||
3a7c517435 | |||
6e4d4cfafc | |||
7373b9af7e | |||
50b5b24d0f | |||
88e55cbd3a | |||
a9b1a299cd | |||
849bb6bc9b | |||
e9f6f85251 | |||
fd4d4ffa1a | |||
25d8cf48d5 | |||
196bd09206 | |||
c11e683a6a | |||
fdc1fe0e16 | |||
787124b6fa | |||
b43ada1c2b | |||
df933bdc6f | |||
d8ed1f42ae | |||
444502d6f1 | |||
78daebdbb3 | |||
c53d4b832b | |||
724c4fdbda | |||
c520b80cee | |||
57ae703b38 | |||
f7b0b54871 | |||
f735072e34 | |||
c5b0de57c4 | |||
e32f46fa20 | |||
30cddbdc37 | |||
c7e033e1d6 | |||
48c8072611 | |||
7c057bf169 | |||
e5bde15acf | |||
da5f4d9a9c | |||
13ad12efda | |||
f577a0bc73 | |||
bedc9dd741 | |||
1f9860f39f | |||
8278796bb1 | |||
ffdbc3891d | |||
5ad3a220a7 | |||
06427b694c | |||
66c0f17e46 | |||
c8bf3ae618 | |||
8afad6f40c | |||
0cfb985723 | |||
303ca8c871 | |||
e8dd91e345 | |||
2b4b1c5850 | |||
a1acf60896 | |||
2c541801e6 | |||
352d4412f2 | |||
a3997d519a | |||
64e4c9c1b2 | |||
337e587f92 | |||
1bb83efeef | |||
a7b81162d5 | |||
1bec150b17 | |||
bec787e6ff | |||
3eba3a553d | |||
9630de5237 | |||
a3fa043cb9 | |||
6624b11014 | |||
226c7993b1 | |||
ce00bd6fed | |||
556c58f0fb | |||
c007790ecf | |||
095bfdddfc | |||
e8564cbae0 | |||
9cc15d53fa | |||
a33de2c711 | |||
9e8ce71b65 | |||
1469810d2b | |||
b8ac83f1a1 | |||
f676b4d7a5 | |||
a733249377 | |||
494a9727c7 | |||
8aab4b1056 | |||
035fdc710b | |||
09b4567c92 | |||
c2e03c50ae | |||
379c26527a | |||
3b7aefac96 | |||
3df1eeecca | |||
529dcce37a | |||
fbdac308ec | |||
c92314e731 | |||
c2095697ef | |||
f247344b05 | |||
637c4e4273 | |||
c20b5d540f | |||
20eaf3acbd | |||
0ee453de49 | |||
5b80da7323 | |||
8c77376e36 | |||
8d0e080906 | |||
b72c71a272 | |||
8bb7b4cac2 | |||
262ef3bb45 | |||
2fc5333362 | |||
b7925c965e | |||
727a70d843 | |||
a7ec834c6a | |||
a633ccc36f | |||
e7ecd05161 | |||
c520512399 | |||
4c07dcacc1 | |||
9616fb1df0 | |||
3d9a29b857 | |||
11e159c7c9 | |||
003b5516fe | |||
f6eb6a72ad | |||
cf2f2ecf0a | |||
524a34d819 | |||
352e3d72a2 | |||
26f2784f0f | |||
25abed953f | |||
f8b68daf1e | |||
6ddc70bcaa | |||
67fe4216f2 | |||
0ff4336088 | |||
66e96e2960 | |||
0984c7aef0 | |||
efe20354ea | |||
bbd09488ff | |||
379adc7ec6 | |||
639aad8c8a | |||
da602beac6 | |||
a1a5aea93d | |||
98c46632a6 | |||
e2c3b08fc7 | |||
72a49c2f28 | |||
6f1b5bb86d | |||
6c1120b992 | |||
c297aff739 | |||
d68b988bbe | |||
39eef52762 | |||
e7067bef8c | |||
a84ea621bc | |||
61ab5f0f58 | |||
abd60eceef | |||
2ea8ff3ccc | |||
de02a81c92 | |||
6dfef5d07b | |||
6c85391b37 | |||
26a5d991c5 | |||
2ad87cfe68 | |||
e40ed7ce05 | |||
d10f49780d | |||
e6bbf8acab | |||
32f412e195 | |||
f1169c4b2b | |||
befae3aad3 | |||
662ccffa98 | |||
411be6cac0 | |||
2c7730d609 | |||
7af174dd08 | |||
14f39df41a | |||
63ca02f6dc | |||
0fe9222e42 | |||
6f643a1858 | |||
1952460606 | |||
5337459609 | |||
85b37c83cf | |||
f838affdb0 | |||
e7ac232b50 | |||
1b09e32625 | |||
20b836dd9d | |||
1f793e5296 | |||
ecd5caf514 | |||
2a14742b5a | |||
078f29bcbe | |||
53f119285e | |||
e7b4d34399 | |||
7c1b5afc31 | |||
46823d62e5 | |||
e356a7ccba | |||
ab03e929d4 | |||
63047aec55 | |||
2c801461fd | |||
2563ecbfed | |||
3b73fe8ca4 | |||
12e6f87d1b | |||
594078f84f | |||
dbabc70e2f | |||
afa7d0a5b6 | |||
a6f5f6baa7 | |||
dc5e526698 | |||
624229a035 | |||
5a20df95ba | |||
8f09dd06b0 | |||
0009ed8b19 | |||
c23487b544 | |||
af7eaf7c57 | |||
2ef8592e54 | |||
37dc6efd14 | |||
8e9da1df88 | |||
d2059a2845 | |||
48be7c8395 | |||
cec692bffc | |||
b157935e93 | |||
a33bc7e455 | |||
c11035d929 | |||
f178ef477c | |||
53df50c8d6 | |||
11948b8e2e | |||
69688a053e | |||
14cd9f8006 | |||
fdcead0d7b | |||
4361355794 | |||
58afc27d85 | |||
1b755432cc | |||
d87fe696e3 | |||
93e4d760ff | |||
1bbed3bfd6 | |||
c56659cc56 | |||
5273a5e9ff | |||
c1c0a2cf26 | |||
53ae7cd68d | |||
b34ec46b56 | |||
bea284a645 | |||
f655e43ec7 | |||
94966a089e | |||
474e76ba18 | |||
462a0b8593 | |||
803e78147a | |||
57cbceb82b | |||
172a97176d | |||
7fbe64b448 | |||
9564cbc740 | |||
f4f9ed92e8 | |||
a0d378a0e6 | |||
481e5909c9 | |||
4a4a092940 | |||
93117c886b | |||
3c4e5edd55 | |||
e21b0f019e | |||
78c2222162 | |||
1364e4b6e9 | |||
a0b505e226 | |||
8c140dd3db | |||
70499bc218 | |||
e6553c3370 | |||
eeda716b9b | |||
a2c6a0fe93 | |||
e6e1225858 | |||
bebdd082d2 | |||
2b34c907b7 | |||
55530d8b26 | |||
dff621fe42 | |||
cbe4b8619a | |||
cde4925ec1 | |||
696d77ca54 | |||
a6052994f0 | |||
5f4f69ae26 | |||
5dfbcbebd3 | |||
cc44a2e793 | |||
8fb3ea82b7 | |||
2c6484f66a | |||
8bb731e21c | |||
3b685c6d40 | |||
fc7a7355ea | |||
27b94ccb51 | |||
14fabcbe20 | |||
14bf7cbb24 | |||
464997aa5d | |||
2b86faa7fe | |||
011d57c17d | |||
bb015fc244 | |||
3361c316b9 | |||
3a4d389201 | |||
098817dd79 | |||
6469c70d3b | |||
98f36353f4 | |||
a8c0774435 | |||
5c15f1f338 | |||
52c3f11b41 | |||
ed9ae0bd07 | |||
93173c3445 | |||
ed9d331f8d | |||
9ffbf37ca6 | |||
e41fb2b1ea | |||
c8894d90d9 | |||
d150f994ec | |||
b9b14effff | |||
8ebd884eb4 | |||
985c365ed4 | |||
a783f6c146 | |||
f87fbad500 | |||
7efd72ded7 | |||
9f4edbe16d | |||
41b16a7173 | |||
c5a473c557 | |||
ada6443dd5 | |||
5badc90690 | |||
da2842e247 | |||
688bf7bd41 | |||
deb34a3383 | |||
498caa4578 | |||
c9787b39f8 | |||
2b95f07c46 | |||
aad7afd5e5 | |||
4c0760495f | |||
ca023db81f | |||
69c8c4777b | |||
091a9e2485 | |||
12149bb2f6 | |||
afe1bb4809 | |||
1286e23914 | |||
f0973aa3cf | |||
5ef9bfb602 | |||
dd1cf0685a | |||
400b6cc066 | |||
6888a2f3e1 | |||
f7949285f2 | |||
453a635538 | |||
998fccd132 | |||
6156b6db72 | |||
a86c25c85b | |||
ed675db195 | |||
18c2274529 | |||
cfdcc4ae48 | |||
977b6940cf | |||
a236f88d02 | |||
7c588680e3 | |||
b138325f45 | |||
bda77522db | |||
f3072c8214 | |||
f386180bb7 | |||
6b1654ea47 | |||
ed7f780338 | |||
6a379b4f82 | |||
39e94c820f | |||
0225aa2010 | |||
d3996bb9e2 | |||
8226b5bc00 | |||
91e9d48c82 | |||
867cacfe49 | |||
7630d503b6 | |||
0d49f191cf | |||
e42c330c06 | |||
fc54c447a8 | |||
3607c2ffb6 | |||
2784badab9 | |||
cfaa3e4c12 | |||
3a3406c796 | |||
bdddcdfcf9 | |||
2daa90de72 | |||
c0f72cd01e | |||
038badd1a9 | |||
98551750da | |||
1c0e1e04dc | |||
98b0ebdd51 | |||
f35bb3e43c | |||
d50255b748 | |||
ccc3d17747 | |||
1c6e73bc33 | |||
143c2f2508 | |||
b489673f31 | |||
f1ed65d50c | |||
e1145f734c | |||
4170c92d44 | |||
213f531f7c | |||
9c17acb9fd | |||
e8f498c5e9 | |||
06c57aa29f | |||
7f6894bf39 | |||
9fba494811 | |||
5eb3516f18 | |||
9390153ffc | |||
d571fabd4f | |||
59bb4a9fb7 | |||
aa27b55609 | |||
c6fdb6838a | |||
74635d6ef2 | |||
0dc4c8151c | |||
92cd2922b2 | |||
f514f5addc | |||
57f9e3deba | |||
1b3e043e42 | |||
a01dc19b5f | |||
4104af7f5e | |||
afb5e5aa93 | |||
14949fb6d6 | |||
ed5f8840b7 | |||
d2a5c90021 | |||
e209716a07 | |||
fafd242e46 | |||
701be10014 | |||
8c4a196883 | |||
580f59f820 | |||
6e245ac69d | |||
4665d93a1a | |||
a7dda92091 | |||
409f228586 | |||
57110ddd81 | |||
85efa83e66 | |||
7762e62809 | |||
85fa907283 | |||
5632cf75f5 | |||
93f60a925e | |||
a44fc2764e | |||
06a7949edb | |||
bde0ce2e51 | |||
a602cc8ad2 | |||
f8ae2b7664 | |||
0f33a266bd | |||
884bc9f277 | |||
6c82be899e | |||
8865494eef | |||
e75d54bcdd | |||
ca3d080775 | |||
3d15c98a38 | |||
9185ce668c | |||
1d192f702c | |||
0c51d44c08 | |||
a1ae78113a | |||
d3a881b597 | |||
d035874f27 | |||
40abda7ae9 | |||
ed94ea8c2a | |||
65eb9d2175 | |||
f09bd37695 | |||
b0e1def9dc | |||
006535e93e | |||
f55594b02c | |||
7442479948 | |||
5dc4873036 | |||
b2f8891ebe | |||
fd4757d697 | |||
f78e1d5e7d | |||
86de1944fe | |||
f692217356 | |||
6a13c7421a | |||
054cbfc93d | |||
44b0b89f64 | |||
0711b7cbb1 | |||
e7167055b2 | |||
ac31bfe22d | |||
7ee7c88315 | |||
39090f4d45 | |||
2219adcd53 | |||
a60f780361 | |||
4a1859a1f7 | |||
a5bff82fb2 | |||
8a24e59c78 | |||
f2c0b533cf | |||
788fb87fdc | |||
65241635b2 | |||
34a538489a | |||
4c030b37f0 | |||
c2a246295b | |||
d9fbabff3c | |||
e22369983f | |||
88f7482f22 | |||
69de429142 | |||
aa520ec9b1 | |||
b77283f7ba | |||
de5089e614 | |||
4da7f66fa5 | |||
b34723fc80 | |||
2c783aaa7f | |||
f9c274f61a | |||
014ed7f199 | |||
e702bc16d5 | |||
c6e835d726 | |||
3135d7b4ab | |||
06887379d4 | |||
1f2cb8746c | |||
49ea63c786 | |||
3d80d8aef9 | |||
17f628832d | |||
c15642693e | |||
0ac2434ed9 | |||
a2f727f848 | |||
b266417c69 | |||
97540d460a | |||
0ed6bd5c28 | |||
0803ac1277 | |||
add9976272 | |||
e9a25dad20 | |||
1712d88695 | |||
04dc5a5094 | |||
a225e6d55d | |||
69b372d036 | |||
cf89dc9e8b | |||
a8accc6b71 | |||
ce1a01c5d1 | |||
decb9e46df | |||
d7ce3ec0a7 | |||
2bec61cc0c | |||
c77c4d5c79 | |||
474b59ebe3 | |||
66a3b0394b | |||
d0a1f1ade9 | |||
473da6e976 | |||
f27a46d2e9 | |||
54d91634cb | |||
f17a54ca68 | |||
576f09d4e0 | |||
6791f73744 | |||
fd8055f1ab | |||
768dca4c83 | |||
2841de2e3d | |||
c276247f21 | |||
586fd9524b | |||
34db815986 | |||
3b134dc131 | |||
593530c21f | |||
48932dc77e | |||
544b53a7ba | |||
58a425fe27 | |||
c3bf12b896 | |||
e27cd1b85d | |||
7ca48ea2fc | |||
1db1d422c5 | |||
0925b57461 | |||
f48badb047 | |||
739c256785 | |||
b06f24fcb7 | |||
4ae49a53c8 | |||
4239e603ad | |||
fe5931ff4e | |||
91a71561e4 | |||
b7027a4ab1 | |||
000ef1fb2c | |||
9b228e61bc | |||
f44d8ab87d | |||
a79d4f2426 | |||
8f431a09b0 |
145 changed files with 11587 additions and 5524 deletions
2
.envrc
Normal file
2
.envrc
Normal file
|
@ -0,0 +1,2 @@
|
|||
nix_direnv_manual_reload
|
||||
use flake
|
37
.forgejo/workflows/nix-build.yaml
Normal file
37
.forgejo/workflows/nix-build.yaml
Normal file
|
@ -0,0 +1,37 @@
|
|||
on: [push]
|
||||
jobs:
|
||||
check:
|
||||
runs-on: nixos-host
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@v3
|
||||
|
||||
# cache not needed since we now run on the host directly
|
||||
# - name: Load cached nix store
|
||||
# id: cache-nix-store
|
||||
# uses: actions/cache/restore@v4
|
||||
# with:
|
||||
# path: /nix/store
|
||||
# key: ${{ runner.os }}-nix-store
|
||||
|
||||
- name: Build server
|
||||
run: |
|
||||
nix shell nixpkgs#nixos-rebuild -c nixos-rebuild build --flake .#beefcake
|
||||
|
||||
- name: Build router
|
||||
run: |
|
||||
nix shell nixpkgs#nixos-rebuild -c nixos-rebuild build --flake .#router
|
||||
|
||||
- name: Build desktop
|
||||
run: |
|
||||
nix shell nixpkgs#nixos-rebuild -c nixos-rebuild build --flake .#dragon
|
||||
|
||||
- name: Build laptop
|
||||
run: |
|
||||
nix shell nixpkgs#nixos-rebuild -c nixos-rebuild build --flake .#foxtrot
|
||||
|
||||
# - name: Save nix store
|
||||
# uses: actions/cache/save@v4
|
||||
# with:
|
||||
# path: /nix/store
|
||||
# key: ${{ steps.cache-nix-store.outputs.cache-primary-key }}
|
25
.forgejo/workflows/nix-flake-check.yaml
Normal file
25
.forgejo/workflows/nix-flake-check.yaml
Normal file
|
@ -0,0 +1,25 @@
|
|||
on: [push]
|
||||
jobs:
|
||||
check:
|
||||
runs-on: nixos-host
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@v3
|
||||
|
||||
# cache not needed since we now run on the host directly
|
||||
# - name: Load cached nix store
|
||||
# id: cache-nix-store
|
||||
# uses: actions/cache/restore@v4
|
||||
# with:
|
||||
# path: /nix/store
|
||||
# key: ${{ runner.os }}-nix-store
|
||||
|
||||
- name: Check nix flake
|
||||
run: |
|
||||
nix flake check
|
||||
|
||||
# - name: Save nix store
|
||||
# uses: actions/cache/save@v4
|
||||
# with:
|
||||
# path: /nix/store
|
||||
# key: ${{ steps.cache-nix-store.outputs.cache-primary-key }}
|
6
.gitignore
vendored
6
.gitignore
vendored
|
@ -1,3 +1,7 @@
|
|||
*.log
|
||||
/.direnv
|
||||
result
|
||||
|
||||
.pre-commit-config.yaml
|
||||
|
||||
*.log
|
||||
*.qcow2
|
||||
|
|
32
.sops.yaml
32
.sops.yaml
|
@ -1,6 +1,19 @@
|
|||
keys:
|
||||
- &daniel age1stdue5q5teskee057ced6rh9pzzr93xsy66w4sc3zu49rgxl7cjshztt45 # pass age-key | rg '# pub'
|
||||
- &sshd-at-beefcake age1k8s590x34ghz7yrjyrgzkd24j252srf0mhfy34halp4frwr065csrlt2ev # ssh beefcake "nix-shell -p ssh-to-age --run 'cat /etc/ssh/ssh_host_ed25519_key.pub | ssh-to-age'"
|
||||
# list any public keys here
|
||||
|
||||
# pass age-key | rg '# pub'
|
||||
- &daniel age1stdue5q5teskee057ced6rh9pzzr93xsy66w4sc3zu49rgxl7cjshztt45
|
||||
|
||||
# per-host keys can be derived from a target host's ssh keys like so:
|
||||
# ssh host "nix shell nixpkgs#ssh-to-age -c $SHELL -c 'cat /etc/ssh/ssh_host_ed25519_key.pub | ssh-to-age'"
|
||||
- &sshd-at-beefcake age1etv56f7kf78a55lxqtydrdd32dpmsjnxndf4u28qezxn6p7xt9esqvqdq7
|
||||
- &sshd-at-router age1zd7c3g5d20shdftq8ghqm0r92488dg4pdp4gulur7ex3zx2yq35ssxawpn
|
||||
- &sshd-at-dragon age1ez4why08hdx0qf940cjzs6ep4q5rk2gqq7lp99pe58fktpwv65esx4xrht
|
||||
- &ssh-foxtrot age1njnet9ltjuxasqv3ckn67r5natke6xgd8wlx8psf64pyc4duvurqhedw80
|
||||
|
||||
# after updating this file, you may need to update the keys for any associated files like so:
|
||||
# sops updatekeys secrets.file
|
||||
|
||||
creation_rules:
|
||||
- path_regex: secrets/[^/]+\.(ya?ml|json|env|ini)$
|
||||
key_groups:
|
||||
|
@ -11,3 +24,18 @@ creation_rules:
|
|||
- age:
|
||||
- *daniel
|
||||
- *sshd-at-beefcake
|
||||
- path_regex: secrets/router/[^/]+\.(ya?ml|json|env|ini)$
|
||||
key_groups:
|
||||
- age:
|
||||
- *daniel
|
||||
- *sshd-at-router
|
||||
- path_regex: secrets/dragon/[^/]+\.(ya?ml|json|env|ini)$
|
||||
key_groups:
|
||||
- age:
|
||||
- *daniel
|
||||
- *sshd-at-dragon
|
||||
- path_regex: secrets/foxtrot/[^/]+\.(ya?ml|json|env|ini)$
|
||||
key_groups:
|
||||
- age:
|
||||
- *daniel
|
||||
- *ssh-foxtrot
|
||||
|
|
|
@ -1,4 +1,85 @@
|
|||
{
|
||||
{lib, ...}: let
|
||||
inherit (lib.attrsets) mapAttrs' filterAttrs;
|
||||
in {
|
||||
standardWithHibernateSwap = {
|
||||
disks ? ["/dev/sda"],
|
||||
swapSize,
|
||||
...
|
||||
}: {
|
||||
/*
|
||||
this is my standard partitioning scheme for my machines which probably want hibernation capabilities
|
||||
a UEFI-compatible boot partition
|
||||
it includes an LUKS-encrypted btrfs volume
|
||||
a swap partition big enough to dump all the machine's RAM into
|
||||
*/
|
||||
|
||||
disko.devices = {
|
||||
disk = {
|
||||
primary = {
|
||||
type = "disk";
|
||||
device = builtins.elemAt disks 0;
|
||||
content = {
|
||||
type = "gpt";
|
||||
partitions = {
|
||||
ESP = {
|
||||
label = "EFI";
|
||||
name = "ESP";
|
||||
size = "4G";
|
||||
type = "EF00";
|
||||
content = {
|
||||
type = "filesystem";
|
||||
format = "vfat";
|
||||
mountpoint = "/boot";
|
||||
mountOptions = [
|
||||
"defaults"
|
||||
];
|
||||
};
|
||||
};
|
||||
swap = {
|
||||
size = swapSize;
|
||||
content = {
|
||||
type = "swap";
|
||||
discardPolicy = "both";
|
||||
resumeDevice = true; # resume from hiberation from this device
|
||||
};
|
||||
};
|
||||
luks = {
|
||||
size = "100%";
|
||||
content = {
|
||||
type = "luks";
|
||||
name = "crypted";
|
||||
extraOpenArgs = ["--allow-discards"];
|
||||
# if you want to use the key for interactive login be sure there is no trailing newline
|
||||
# for example use `echo -n "password" > /tmp/secret.key`
|
||||
keyFile = "/tmp/secret.key"; # Interactive
|
||||
# settings.keyFile = "/tmp/password.key";
|
||||
# additionalKeyFiles = ["/tmp/additionalSecret.key"];
|
||||
content = {
|
||||
type = "btrfs";
|
||||
extraArgs = ["-f"];
|
||||
subvolumes = {
|
||||
"/nixos" = {
|
||||
mountpoint = "/";
|
||||
mountOptions = ["compress=zstd" "noatime"];
|
||||
};
|
||||
"/home" = {
|
||||
mountpoint = "/home";
|
||||
mountOptions = ["compress=zstd" "noatime"];
|
||||
};
|
||||
"/nix" = {
|
||||
mountpoint = "/nix";
|
||||
mountOptions = ["compress=zstd" "noatime"];
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
standard = {disks ? ["/dev/vda"], ...}: {
|
||||
# this is my standard partitioning scheme for my machines: an LUKS-encrypted
|
||||
# btrfs volume
|
||||
|
@ -61,67 +142,7 @@
|
|||
};
|
||||
};
|
||||
};
|
||||
# TODO: figure out what I can't have an optiona/default 'name' attribute here so I can DRY with "standard"
|
||||
thinker = {disks ? ["/dev/vda"], ...}: {
|
||||
disko.devices = {
|
||||
disk = {
|
||||
vdb = {
|
||||
type = "disk";
|
||||
device = builtins.elemAt disks 0;
|
||||
content = {
|
||||
type = "gpt";
|
||||
partitions = {
|
||||
ESP = {
|
||||
label = "EFI";
|
||||
name = "ESP";
|
||||
size = "512M";
|
||||
type = "EF00";
|
||||
content = {
|
||||
type = "filesystem";
|
||||
format = "vfat";
|
||||
mountpoint = "/boot";
|
||||
mountOptions = [
|
||||
"defaults"
|
||||
];
|
||||
};
|
||||
};
|
||||
luks = {
|
||||
size = "100%";
|
||||
content = {
|
||||
type = "luks";
|
||||
name = "crypted";
|
||||
extraOpenArgs = ["--allow-discards"];
|
||||
# if you want to use the key for interactive login be sure there is no trailing newline
|
||||
# for example use `echo -n "password" > /tmp/secret.key`
|
||||
keyFile = "/tmp/secret.key"; # Interactive
|
||||
# settings.keyFile = "/tmp/password.key";
|
||||
# additionalKeyFiles = ["/tmp/additionalSecret.key"];
|
||||
content = {
|
||||
type = "btrfs";
|
||||
extraArgs = ["-f"];
|
||||
subvolumes = {
|
||||
"/root" = {
|
||||
mountpoint = "/";
|
||||
mountOptions = ["compress=zstd" "noatime"];
|
||||
};
|
||||
"/home" = {
|
||||
mountpoint = "/home";
|
||||
mountOptions = ["compress=zstd" "noatime"];
|
||||
};
|
||||
"/nix" = {
|
||||
mountpoint = "/nix";
|
||||
mountOptions = ["compress=zstd" "noatime"];
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
unencrypted = {disks ? ["/dev/vda"], ...}: {
|
||||
disko.devices = {
|
||||
disk = {
|
||||
|
@ -172,6 +193,203 @@
|
|||
};
|
||||
};
|
||||
};
|
||||
|
||||
beefcake = let
|
||||
zpools = {
|
||||
zroot = {
|
||||
/*
|
||||
TODO: at the time of writing, disko does not support draid6
|
||||
so I'm building/managing the array manually for the time being
|
||||
the root pool is just a single disk right now
|
||||
*/
|
||||
name = "zroot";
|
||||
config = {
|
||||
type = "zpool";
|
||||
# mode = "draid6";
|
||||
rootFsOptions = {
|
||||
compression = "zstd";
|
||||
"com.sun:auto-snapshot" = "false";
|
||||
};
|
||||
mountpoint = "/";
|
||||
postCreateHook = "zfs list -t snapshot -H -o name | grep -E '^zroot@blank$' || zfs snapshot zroot@blank";
|
||||
|
||||
datasets = {
|
||||
zfs_fs = {
|
||||
type = "zfs_fs";
|
||||
mountpoint = "/zfs_fs";
|
||||
options."com.sun:auto-snapshot" = "true";
|
||||
};
|
||||
zfs_unmounted_fs = {
|
||||
type = "zfs_fs";
|
||||
options.mountpoint = "none";
|
||||
};
|
||||
zfs_legacy_fs = {
|
||||
type = "zfs_fs";
|
||||
options.mountpoint = "legacy";
|
||||
mountpoint = "/zfs_legacy_fs";
|
||||
};
|
||||
zfs_testvolume = {
|
||||
type = "zfs_volume";
|
||||
size = "10M";
|
||||
content = {
|
||||
type = "filesystem";
|
||||
format = "ext4";
|
||||
mountpoint = "/ext4onzfs";
|
||||
};
|
||||
};
|
||||
encrypted = {
|
||||
type = "zfs_fs";
|
||||
options = {
|
||||
mountpoint = "none";
|
||||
encryption = "aes-256-gcm";
|
||||
keyformat = "passphrase";
|
||||
keylocation = "file:///tmp/secret.key";
|
||||
};
|
||||
# use this to read the key during boot
|
||||
/*
|
||||
postCreateHook = ''
|
||||
zfs set keylocation="prompt" "zroot/$name";
|
||||
'';
|
||||
*/
|
||||
};
|
||||
"encrypted/test" = {
|
||||
type = "zfs_fs";
|
||||
mountpoint = "/zfs_crypted";
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
zstorage = {
|
||||
/*
|
||||
PARITY_COUNT=3 NUM_DRIVES=8 HOT_SPARES=2 sudo -E zpool create -f -O mountpoint=none -O compression=on -O xattr=sa -O acltype=posixacl -o ashift=12 -O atime=off -O recordsize=64K zstorage draid{$PARITY_COUNT}:{$NUM_DRIVES}c:{$HOT_SPARES}s /dev/disk/by-id/scsi-35000039548cb637c /dev/disk/by-id/scsi-35000039548cb7c8c /dev/disk/by-id/scsi-35000039548cb85c8 /dev/disk/by-id/scsi-35000039548d9b504 /dev/disk/by-id/scsi-35000039548da2b08 /dev/disk/by-id/scsi-35000039548dad2fc /dev/disk/by-id/scsi-350000399384be921 /dev/disk/by-id/scsi-35000039548db096c
|
||||
sudo zfs create -o mountpoint=legacy zstorage/nix
|
||||
sudo zfs create -o canmount=on -o mountpoint=/storage zstorage/storage
|
||||
*/
|
||||
name = "zstorage";
|
||||
config = {};
|
||||
};
|
||||
};
|
||||
diskClass = {
|
||||
storage = {
|
||||
type = "zfs";
|
||||
pool = zpools.zroot.name;
|
||||
};
|
||||
boot = {
|
||||
content = {
|
||||
type = "gpt";
|
||||
partitions = {
|
||||
ESP = {
|
||||
size = "1G";
|
||||
type = "EF00";
|
||||
content = {
|
||||
type = "filesystem";
|
||||
format = "vfat";
|
||||
mountpoint = "/boot";
|
||||
};
|
||||
};
|
||||
zfs = {
|
||||
size = "100%";
|
||||
content = {
|
||||
type = "zfs";
|
||||
pool = zpools.zroot.name;
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
bootDisks = {
|
||||
"/dev/sdi" = {
|
||||
name = "i";
|
||||
enable = true;
|
||||
};
|
||||
"/dev/sdj" = {
|
||||
name = "j";
|
||||
enable = true;
|
||||
}; # TODO: join current boot drive to new boot pool
|
||||
};
|
||||
storageDisks = {
|
||||
"/dev/sda" = {
|
||||
enable = true;
|
||||
name = "a";
|
||||
};
|
||||
"/dev/sdb" = {
|
||||
enable = true;
|
||||
name = "b";
|
||||
};
|
||||
"/dev/sdc" = {
|
||||
enable = true;
|
||||
name = "c";
|
||||
};
|
||||
"/dev/sdd" = {
|
||||
enable = true;
|
||||
name = "d";
|
||||
};
|
||||
|
||||
# TODO: start small
|
||||
"/dev/sde" = {
|
||||
enable = false;
|
||||
name = "e";
|
||||
};
|
||||
"/dev/sdf" = {
|
||||
enable = false;
|
||||
name = "f";
|
||||
};
|
||||
"/dev/sdg" = {
|
||||
enable = false;
|
||||
name = "g";
|
||||
};
|
||||
"/dev/sdh" = {
|
||||
enable = false;
|
||||
name = "h";
|
||||
};
|
||||
|
||||
# gap for two boot drives
|
||||
|
||||
"/dev/sdk" = {
|
||||
enable = false;
|
||||
name = "k";
|
||||
};
|
||||
"/dev/sdl" = {
|
||||
enable = false;
|
||||
name = "l";
|
||||
};
|
||||
"/dev/sdm" = {
|
||||
enable = false;
|
||||
name = "m";
|
||||
};
|
||||
"/dev/sdn" = {
|
||||
# TODO: this is my holding cell for random stuff right now
|
||||
enable = false;
|
||||
name = "n";
|
||||
};
|
||||
};
|
||||
|
||||
diskoBoot = mapAttrs' (device: {name, ...}: {
|
||||
name = "boot-${name}";
|
||||
value = {
|
||||
inherit device;
|
||||
type = "disk";
|
||||
content = diskClass.boot.content;
|
||||
};
|
||||
}) (filterAttrs (_: {enable, ...}: enable) bootDisks);
|
||||
|
||||
diskoStorage = mapAttrs' (device: {name, ...}: {
|
||||
name = "storage-${name}";
|
||||
value = {
|
||||
inherit device;
|
||||
type = "disk";
|
||||
content = diskClass.storage.content;
|
||||
};
|
||||
}) (filterAttrs (_: {enable, ...}: enable) storageDisks);
|
||||
in {
|
||||
disko.devices = {
|
||||
disk = diskoBoot // diskoStorage;
|
||||
zpool = {
|
||||
zroot = zpools.zroot.config;
|
||||
};
|
||||
};
|
||||
};
|
||||
legacy = {disks ? ["/dev/vda"], ...}: {
|
||||
disko.devices = {
|
||||
disk = {
|
||||
|
@ -183,9 +401,9 @@
|
|||
format = "gpt";
|
||||
partitions = [
|
||||
{
|
||||
label = "EFI";
|
||||
name = "ESP";
|
||||
start = "1M";
|
||||
end = "500M";
|
||||
size = "512M";
|
||||
bootable = true;
|
||||
content = {
|
||||
type = "filesystem";
|
||||
|
|
839
flake.lock
839
flake.lock
File diff suppressed because it is too large
Load diff
940
flake.nix
940
flake.nix
|
@ -1,172 +1,45 @@
|
|||
{
|
||||
inputs = {
|
||||
nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable";
|
||||
|
||||
home-manager.url = "github:nix-community/home-manager/master";
|
||||
home-manager.inputs.nixpkgs.follows = "nixpkgs";
|
||||
|
||||
helix.url = "github:helix-editor/helix/master";
|
||||
helix.inputs.nixpkgs.follows = "nixpkgs";
|
||||
nixpkgs.url = "github:nixos/nixpkgs/nixos-24.11";
|
||||
nixpkgs-unstable.url = "github:nixos/nixpkgs/nixpkgs-unstable";
|
||||
|
||||
disko.url = "github:nix-community/disko/master";
|
||||
disko.inputs.nixpkgs.follows = "nixpkgs";
|
||||
|
||||
sops-nix.url = "github:Mic92/sops-nix";
|
||||
sops-nix.inputs.nixpkgs.follows = "nixpkgs";
|
||||
sops-nix.inputs.nixpkgs-stable.follows = "nixpkgs";
|
||||
sops-nix.inputs.nixpkgs.follows = "nixpkgs-unstable";
|
||||
# sops-nix.inputs.nixpkgs-stable.follows = "nixpkgs";
|
||||
|
||||
git-hooks.url = "github:cachix/git-hooks.nix";
|
||||
git-hooks.inputs.nixpkgs.follows = "nixpkgs";
|
||||
|
||||
home-manager.url = "github:nix-community/home-manager/release-24.11";
|
||||
home-manager.inputs.nixpkgs.follows = "nixpkgs";
|
||||
|
||||
home-manager-unstable.url = "github:nix-community/home-manager";
|
||||
home-manager-unstable.inputs.nixpkgs.follows = "nixpkgs-unstable";
|
||||
|
||||
helix.url = "github:helix-editor/helix/master";
|
||||
hardware.url = "github:nixos/nixos-hardware";
|
||||
# hardware.inputs.nixpkgs.follows = "nixpkgs";
|
||||
|
||||
hyprland.url = "github:hyprwm/Hyprland";
|
||||
hyprland.inputs.nixpkgs.follows = "nixpkgs";
|
||||
|
||||
api-lyte-dev.url = "git+ssh://gitea@git.lyte.dev/lytedev/api.lyte.dev.git";
|
||||
api-lyte-dev.inputs.nixpkgs.follows = "nixpkgs";
|
||||
wezterm.url = "github:wez/wezterm?dir=nix";
|
||||
wezterm.inputs.nixpkgs.follows = "nixpkgs-unstable";
|
||||
|
||||
ssbm.url = "github:lytedev/ssbm-nix/my-nixpkgs";
|
||||
ssbm.inputs.nixpkgs.follows = "nixpkgs";
|
||||
slippi.url = "github:lytedev/slippi-nix";
|
||||
# slippi.url = "git+file:///home/daniel/code/open-source/slippi-nix";
|
||||
slippi.inputs.nixpkgs.follows = "nixpkgs-unstable";
|
||||
slippi.inputs.home-manager.follows = "home-manager-unstable";
|
||||
|
||||
# doesn't support the forge mod loader yet
|
||||
# nix-minecraft.url = "github:Infinidoge/nix-minecraft";
|
||||
jovian.url = "github:Jovian-Experiments/Jovian-NixOS/development";
|
||||
jovian.inputs.nixpkgs.follows = "nixpkgs-unstable";
|
||||
|
||||
# need to bump ishiiruka upstream I think
|
||||
# slippi-desktop.url = "github:project-slippi/slippi-desktop-app";
|
||||
# slippi-desktop.flake = false;
|
||||
# ssbm.inputs.slippi-desktop.follows = "slippi-desktop";
|
||||
# nnf.url = "github:thelegy/nixos-nftables-firewall?rev=71fc2b79358d0dbacde83c806a0f008ece567b7b";
|
||||
|
||||
mobile-nixos = {
|
||||
url = "github:lytedev/mobile-nixos";
|
||||
flake = false;
|
||||
};
|
||||
|
||||
outputs = {
|
||||
self,
|
||||
nixpkgs,
|
||||
home-manager,
|
||||
...
|
||||
} @ inputs: let
|
||||
inherit (self) outputs;
|
||||
|
||||
systems = [
|
||||
"aarch64-linux"
|
||||
# "i686-linux"
|
||||
"x86_64-linux"
|
||||
"aarch64-darwin"
|
||||
"x86_64-darwin"
|
||||
];
|
||||
|
||||
forAllSystems = nixpkgs.lib.genAttrs systems;
|
||||
|
||||
color-schemes = (import ./lib/colors.nix inputs).schemes;
|
||||
colors = color-schemes.catppuccin-mocha-sapphire;
|
||||
# colors = (import ./lib/colors.nix inputs).color-schemes.donokai;
|
||||
font = {
|
||||
name = "IosevkaLyteTerm";
|
||||
size = 12;
|
||||
};
|
||||
in {
|
||||
colors = colors;
|
||||
font = font;
|
||||
|
||||
# Your custom packages
|
||||
# Acessible through 'nix build', 'nix shell', etc
|
||||
packages = forAllSystems (system: import ./pkgs nixpkgs.legacyPackages.${system});
|
||||
|
||||
# Formatter for your nix files, available through 'nix fmt'
|
||||
# Other options beside 'alejandra' include 'nixpkgs-fmt'
|
||||
formatter = forAllSystems (system: nixpkgs.legacyPackages.${system}.alejandra);
|
||||
|
||||
# Your custom packages and modifications, exported as overlays
|
||||
overlays = import ./overlays {inherit inputs;};
|
||||
|
||||
# Reusable nixos modules you might want to export
|
||||
# These are usually stuff you would upstream into nixpkgs
|
||||
nixosModules = import ./modules/nixos;
|
||||
|
||||
# Reusable home-manager modules you might want to export
|
||||
# These are usually stuff you would upstream into home-manager
|
||||
homeManagerModules = import ./modules/home-manager;
|
||||
|
||||
# NixOS configuration entrypoint
|
||||
# Available through 'nixos-rebuild --flake .#your-hostname'
|
||||
nixosConfigurations = let
|
||||
mkNixosSystem = system: modules: homeManagerModules:
|
||||
nixpkgs.lib.nixosSystem {
|
||||
system = system;
|
||||
specialArgs = {
|
||||
inherit inputs outputs system colors font;
|
||||
flake = self;
|
||||
};
|
||||
modules =
|
||||
[
|
||||
inputs.sops-nix.nixosModules.sops
|
||||
self.nixosModules.common
|
||||
]
|
||||
++ modules
|
||||
++ [
|
||||
inputs.home-manager.nixosModules.home-manager
|
||||
{
|
||||
home-manager = {
|
||||
extraSpecialArgs = {inherit inputs outputs system colors font;};
|
||||
users.daniel = {
|
||||
imports = homeManagerModules;
|
||||
};
|
||||
};
|
||||
}
|
||||
];
|
||||
};
|
||||
|
||||
base = mkNixosSystem "x86_64-linux" [./nixos/base] [outputs.homeManagerModules.base];
|
||||
in {
|
||||
base = base;
|
||||
nixos = base; # alias
|
||||
thablet = mkNixosSystem "x86_64-linux" [./nixos/thablet] [outputs.homeManagerModules.base];
|
||||
thinker = mkNixosSystem "x86_64-linux" [./nixos/thinker] [outputs.homeManagerModules.thinker];
|
||||
foxtrot = mkNixosSystem "x86_64-linux" [./nixos/foxtrot] [
|
||||
outputs.homeManagerModules.foxtrot
|
||||
];
|
||||
beefcake =
|
||||
mkNixosSystem "x86_64-linux" [
|
||||
inputs.api-lyte-dev.nixosModules.x86_64-linux.api-lyte-dev
|
||||
./nixos/beefcake
|
||||
] (with outputs.homeManagerModules; [
|
||||
linux
|
||||
]);
|
||||
rascal = mkNixosSystem "x86_64-linux" [./nixos/rascal] [
|
||||
outputs.homeManagerModules.linux
|
||||
];
|
||||
musicbox = mkNixosSystem "x86_64-linux" [./nixos/musicbox] [outputs.homeManagerModules.sway];
|
||||
router = mkNixosSystem "x86_64-linux" [./nixos/router] [outputs.homeManagerModules.common];
|
||||
};
|
||||
|
||||
# Standalone home-manager configuration entrypoint
|
||||
# Available through 'home-manager --flake .#your-username@your-hostname'
|
||||
homeConfigurations = {
|
||||
# TODO: non-system-specific home configurations?
|
||||
"base-x86_64-linux" = let
|
||||
system = "x86_64-linux";
|
||||
in
|
||||
home-manager.lib.homeManagerConfiguration {
|
||||
pkgs = nixpkgs.legacyPackages.${system};
|
||||
extraSpecialArgs = {inherit inputs outputs system colors font;};
|
||||
modules = with outputs.homeManagerModules; [linux];
|
||||
};
|
||||
"base-aarch64-darwin" = let
|
||||
system = "aarch64-darwin";
|
||||
in
|
||||
home-manager.lib.homeManagerConfiguration {
|
||||
pkgs = nixpkgs.legacyPackages.${system};
|
||||
extraSpecialArgs = {inherit inputs outputs system colors font;};
|
||||
modules = with outputs.homeManagerModules; [macos];
|
||||
};
|
||||
};
|
||||
|
||||
# TODO: nix-on-droid for phone terminal usage?
|
||||
# TODO: nix-darwin for work?
|
||||
# TODO: nixos ISO?
|
||||
|
||||
# Disk partition schemes and functions
|
||||
diskoConfigurations = import ./disko;
|
||||
|
||||
# Flake templates for easily setting up Nix in a project using common patterns I like
|
||||
templates = import ./templates/all.nix;
|
||||
};
|
||||
|
||||
nixConfig = {
|
||||
|
@ -177,13 +50,770 @@
|
|||
"https://helix.cachix.org"
|
||||
"https://nix-community.cachix.org"
|
||||
"https://nix.h.lyte.dev"
|
||||
"https://hyprland.cachix.org"
|
||||
];
|
||||
|
||||
extra-trusted-public-keys = [
|
||||
"cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY="
|
||||
"helix.cachix.org-1:ejp9KQpR1FBI2onstMQ34yogDm4OgU2ru6lIwPvuCVs="
|
||||
"nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
|
||||
"h.lyte.dev:HeVWtne31ZG8iMf+c15VY3/Mky/4ufXlfTpT8+4Xbs0="
|
||||
"h.lyte.dev-2:te9xK/GcWPA/5aXav8+e5RHImKYMug8hIIbhHsKPN0M="
|
||||
"hyprland.cachix.org-1:a7pgxzMz7+chwVL3/pzj6jIBMioiJM7ypFP8PwtkuGc="
|
||||
];
|
||||
};
|
||||
|
||||
outputs = {
|
||||
self,
|
||||
nixpkgs,
|
||||
nixpkgs-unstable,
|
||||
disko,
|
||||
sops-nix,
|
||||
git-hooks,
|
||||
wezterm,
|
||||
home-manager,
|
||||
home-manager-unstable,
|
||||
helix,
|
||||
hardware,
|
||||
jovian,
|
||||
mobile-nixos,
|
||||
# nnf,
|
||||
# hyprland,
|
||||
slippi,
|
||||
...
|
||||
}: let
|
||||
inherit (self) outputs;
|
||||
inherit (outputs) nixosModules homeManagerModules overlays;
|
||||
|
||||
# TODO: make @ inputs unnecessary by making arguments explicit in all modules?
|
||||
systems = ["aarch64-linux" "aarch64-darwin" "x86_64-darwin" "x86_64-linux"];
|
||||
forSystems = nixpkgs.lib.genAttrs systems;
|
||||
pkgsFor = system: (import nixpkgs {inherit system;}).extend overlays.default;
|
||||
genPkgs = func: (forSystems (system: func (pkgsFor system)));
|
||||
# pkg = callee: overrides: genPkgs (pkgs: pkgs.callPackage callee overrides);
|
||||
|
||||
unstable = {
|
||||
forSystems = nixpkgs-unstable.lib.genAttrs systems;
|
||||
pkgsFor = system: (import nixpkgs-unstable {inherit system;}).extend overlays.default;
|
||||
genPkgs = func: (forSystems (system: func (pkgsFor system)));
|
||||
pkg = callee: overrides: genPkgs (pkgs: pkgs.callPackage callee overrides);
|
||||
};
|
||||
|
||||
style = {
|
||||
colors = (import ./lib/colors.nix {inherit (nixpkgs) lib;}).schemes.catppuccin-mocha-sapphire;
|
||||
|
||||
font = {
|
||||
name = "IosevkaLyteTerm";
|
||||
size = 12;
|
||||
};
|
||||
};
|
||||
|
||||
/*
|
||||
moduleArgs = {
|
||||
# inherit style;
|
||||
inherit helix slippi hyprland hardware disko home-manager;
|
||||
inherit (outputs) nixosModules homeManagerModules diskoConfigurations overlays;
|
||||
};
|
||||
*/
|
||||
|
||||
pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAPLXOjupz3ScYjgrF+ehrbp9OvGAWQLI6fplX6w9Ijb daniel@lyte.dev";
|
||||
in {
|
||||
/*
|
||||
kind of a quirk, but package definitions are actually in the "additions"
|
||||
overlay I did this to work around some recursion problems
|
||||
TODO: https://discourse.nixos.org/t/infinite-recursion-getting-started-with-overlays/48880
|
||||
*/
|
||||
packages = genPkgs (pkgs: {inherit (pkgs) iosevkaLyteTerm iosevkaLyteTermSubset nix-base-container-image;});
|
||||
diskoConfigurations = import ./disko {inherit (nixpkgs) lib;};
|
||||
templates = import ./templates;
|
||||
formatter = genPkgs (p: p.alejandra);
|
||||
|
||||
checks = genPkgs ({system, ...}: {
|
||||
git-hooks = git-hooks.lib.${system}.run {
|
||||
src = ./.;
|
||||
hooks = {
|
||||
alejandra.enable = true;
|
||||
};
|
||||
};
|
||||
});
|
||||
|
||||
devShells = genPkgs ({
|
||||
system,
|
||||
pkgs,
|
||||
mkShell,
|
||||
...
|
||||
}: {
|
||||
default = mkShell {
|
||||
inherit (outputs.checks.${system}.git-hooks) shellHook;
|
||||
packages = with pkgs; [
|
||||
lua-language-server
|
||||
nodePackages.bash-language-server
|
||||
];
|
||||
};
|
||||
});
|
||||
|
||||
overlays = {
|
||||
# the default overlay composes all the other overlays together
|
||||
default = final: prev: {
|
||||
overlays = with overlays; [
|
||||
additions
|
||||
modifications
|
||||
unstable-packages
|
||||
];
|
||||
};
|
||||
|
||||
additions = final: prev: let
|
||||
iosevkaLyteTerm = prev.callPackage ./packages/iosevkaLyteTerm.nix {};
|
||||
in {
|
||||
inherit iosevkaLyteTerm;
|
||||
iosevkaLyteTermSubset = prev.callPackage ./packages/iosevkaLyteTermSubset.nix {
|
||||
inherit iosevkaLyteTerm;
|
||||
};
|
||||
nix-base-container-image = final.dockerTools.buildImageWithNixDb {
|
||||
name = "git.lyte.dev/lytedev/nix";
|
||||
tag = "latest";
|
||||
|
||||
copyToRoot = with final; [
|
||||
bash
|
||||
coreutils
|
||||
curl
|
||||
gawk
|
||||
gitFull
|
||||
git-lfs
|
||||
gnused
|
||||
nodejs
|
||||
wget
|
||||
sudo
|
||||
nixVersions.stable
|
||||
cacert
|
||||
gnutar
|
||||
gzip
|
||||
openssh
|
||||
xz
|
||||
(pkgs.writeTextFile {
|
||||
name = "nix.conf";
|
||||
destination = "/etc/nix/nix.conf";
|
||||
text = ''
|
||||
accept-flake-config = true
|
||||
experimental-features = nix-command flakes
|
||||
build-users-group =
|
||||
substituters = https://nix.h.lyte.dev https://cache.nixos.org/
|
||||
trusted-substituters = https://nix.h.lyte.dev https://cache.nixos.org/
|
||||
trusted-public-keys = h.lyte.dev:HeVWtne31ZG8iMf+c15VY3/Mky/4ufXlfTpT8+4Xbs0= cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY=
|
||||
'';
|
||||
})
|
||||
];
|
||||
|
||||
extraCommands = ''
|
||||
# enable /usr/bin/env for scripts
|
||||
mkdir -p usr
|
||||
ln -s ../bin usr/bin
|
||||
|
||||
# create /tmp
|
||||
mkdir -p tmp
|
||||
|
||||
# create HOME
|
||||
mkdir -vp root
|
||||
'';
|
||||
config = {
|
||||
Cmd = ["/bin/bash"];
|
||||
Env = [
|
||||
"LANG=en_GB.UTF-8"
|
||||
"ENV=/etc/profile.d/nix.sh"
|
||||
"BASH_ENV=/etc/profile.d/nix.sh"
|
||||
"NIX_BUILD_SHELL=/bin/bash"
|
||||
"PAGER=cat"
|
||||
"PATH=/usr/bin:/bin"
|
||||
"SSL_CERT_FILE=${final.cacert}/etc/ssl/certs/ca-bundle.crt"
|
||||
"USER=root"
|
||||
];
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
modifications = final: prev: let
|
||||
wezterm-input = wezterm;
|
||||
in rec {
|
||||
helix = helix.outputs.packages.${prev.system}.helix;
|
||||
final.helix = helix;
|
||||
/*
|
||||
TODO: would love to use a current wezterm build so I can make use of ssh/mux functionality without breakage
|
||||
source: https://github.com/wez/wezterm/issues/3771
|
||||
not-yet-merged (abandoned?): https://github.com/wez/wezterm/pull/4737
|
||||
I did try using the latest code via the flake, but alas it did not resolve my issues with mux'ing
|
||||
*/
|
||||
wezterm = wezterm-input.outputs.packages.${prev.system}.default;
|
||||
# wezterm = (import nixpkgs {inherit (prev) system;}).wezterm;
|
||||
final.wezterm = wezterm;
|
||||
|
||||
# zellij = prev.zellij.overrideAttrs rec {
|
||||
# version = "0.41.0";
|
||||
# src = prev.fetchFromGitHub {
|
||||
# owner = "zellij-org";
|
||||
# repo = "zellij";
|
||||
# rev = "v0.41.0";
|
||||
# hash = "sha256-A+JVWYz0t9cVA8XZciOwDkCecsC2r5TU2O9i9rVg7do=";
|
||||
# };
|
||||
# cargoDeps = prev.zellij.cargoDeps.overrideAttrs (prev.lib.const {
|
||||
# name = "zellij-vendor.tar.gz";
|
||||
# inherit src;
|
||||
# outputHash = "sha256-WxrMI7fV0pNsGjbNpXLr+xnMdWYkC4WxIeN4OK3ZPIE=";
|
||||
# });
|
||||
# };
|
||||
# final.zellij = zellij;
|
||||
};
|
||||
|
||||
unstable-packages = final: _prev: {
|
||||
unstable-packages = import nixpkgs-unstable {
|
||||
system = final.system;
|
||||
config.allowUnfree = true;
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
nixosModules = import ./modules/nixos {
|
||||
inherit home-manager home-manager-unstable helix nixosModules homeManagerModules pubkey overlays style sops-nix disko;
|
||||
flakeInputs = self.inputs;
|
||||
};
|
||||
|
||||
homeManagerModules = import ./modules/home-manager {
|
||||
inherit home-manager home-manager-unstable helix nixosModules homeManagerModules pubkey overlays style;
|
||||
inherit (nixpkgs) lib;
|
||||
flakeInputs = self.inputs;
|
||||
};
|
||||
|
||||
nixosConfigurations = {
|
||||
beefcake = let
|
||||
system = "x86_64-linux";
|
||||
in
|
||||
nixpkgs.lib.nixosSystem {
|
||||
inherit system;
|
||||
modules = with nixosModules; [
|
||||
home-manager-defaults
|
||||
|
||||
# TODO: disko?
|
||||
hardware.nixosModules.common-cpu-intel
|
||||
|
||||
outputs.nixosModules.deno-netlify-ddns-client
|
||||
{
|
||||
services.deno-netlify-ddns-client = {
|
||||
enable = true;
|
||||
username = "beefcake.h";
|
||||
# TODO: router doesn't even do ipv6 yet...
|
||||
ipv6 = false;
|
||||
};
|
||||
}
|
||||
|
||||
family-users
|
||||
common
|
||||
podman
|
||||
troubleshooting-tools
|
||||
virtual-machines
|
||||
virtual-machines-gui
|
||||
linux
|
||||
fonts
|
||||
|
||||
./nixos/beefcake.nix
|
||||
|
||||
{
|
||||
services.kanidm.package = (unstable.pkgsFor system).kanidm;
|
||||
}
|
||||
];
|
||||
};
|
||||
|
||||
dragon = nixpkgs-unstable.lib.nixosSystem {
|
||||
system = "x86_64-linux";
|
||||
modules = with nixosModules; [
|
||||
home-manager-unstable-defaults
|
||||
|
||||
outputs.diskoConfigurations.standard
|
||||
hardware.nixosModules.common-cpu-amd
|
||||
hardware.nixosModules.common-pc-ssd
|
||||
|
||||
common
|
||||
password-manager
|
||||
wifi
|
||||
graphical-workstation
|
||||
virtual-machines
|
||||
virtual-machines-gui
|
||||
music-production
|
||||
# plasma6
|
||||
gaming
|
||||
slippi.nixosModules.default
|
||||
|
||||
outputs.nixosModules.deno-netlify-ddns-client
|
||||
{
|
||||
services.deno-netlify-ddns-client = {
|
||||
enable = true;
|
||||
username = "dragon.h";
|
||||
# TODO: router doesn't even do ipv6 yet...
|
||||
ipv6 = false;
|
||||
};
|
||||
}
|
||||
|
||||
./nixos/dragon.nix
|
||||
|
||||
{
|
||||
home-manager.users.daniel = {
|
||||
imports = with homeManagerModules; [
|
||||
senpai
|
||||
iex
|
||||
cargo
|
||||
firefox-no-tabs
|
||||
linux-desktop-environment-config
|
||||
slippi.homeManagerModules.default
|
||||
];
|
||||
};
|
||||
}
|
||||
];
|
||||
};
|
||||
|
||||
bigtower = nixpkgs-unstable.lib.nixosSystem {
|
||||
system = "x86_64-linux";
|
||||
modules = with nixosModules; [
|
||||
home-manager-unstable-defaults
|
||||
|
||||
outputs.diskoConfigurations.unencrypted
|
||||
hardware.nixosModules.common-cpu-amd
|
||||
hardware.nixosModules.common-pc-ssd
|
||||
|
||||
common
|
||||
# wifi
|
||||
graphical-workstation
|
||||
music-production
|
||||
gaming
|
||||
|
||||
./nixos/bigtower.nix
|
||||
|
||||
{
|
||||
home-manager.users.daniel = {
|
||||
imports = with homeManagerModules; [
|
||||
firefox-no-tabs
|
||||
linux-desktop-environment-config
|
||||
];
|
||||
};
|
||||
}
|
||||
];
|
||||
};
|
||||
|
||||
htpc = nixpkgs.lib.nixosSystem {
|
||||
system = "x86_64-linux";
|
||||
modules = with nixosModules; [
|
||||
home-manager-defaults
|
||||
|
||||
hardware.nixosModules.common-pc-ssd
|
||||
common
|
||||
gaming
|
||||
graphical-workstation
|
||||
plasma6
|
||||
|
||||
./nixos/htpc.nix
|
||||
|
||||
{
|
||||
home-manager.users.daniel = {
|
||||
imports = with homeManagerModules; [
|
||||
linux-desktop-environment-config
|
||||
];
|
||||
};
|
||||
}
|
||||
];
|
||||
};
|
||||
|
||||
steamdeck1 = nixpkgs-unstable.lib.nixosSystem {
|
||||
system = "x86_64-linux";
|
||||
modules = with nixosModules; [
|
||||
home-manager-unstable-defaults
|
||||
|
||||
outputs.diskoConfigurations.standard
|
||||
hardware.nixosModules.common-pc-ssd
|
||||
common
|
||||
gaming
|
||||
graphical-workstation
|
||||
plasma6
|
||||
|
||||
jovian.outputs.nixosModules.jovian
|
||||
|
||||
{
|
||||
networking.hostName = "steamdeck1";
|
||||
boot.loader.systemd-boot.enable = true;
|
||||
boot.loader.efi.canTouchEfiVariables = true;
|
||||
hardware.bluetooth.enable = true;
|
||||
networking.networkmanager.enable = true;
|
||||
|
||||
home-manager.users.daniel = {
|
||||
imports = with homeManagerModules; [
|
||||
firefox-no-tabs
|
||||
linux-desktop-environment-config
|
||||
];
|
||||
};
|
||||
}
|
||||
];
|
||||
};
|
||||
|
||||
foxtrot = nixpkgs-unstable.lib.nixosSystem {
|
||||
system = "x86_64-linux";
|
||||
modules = with nixosModules; [
|
||||
home-manager-unstable-defaults
|
||||
|
||||
outputs.diskoConfigurations.standard
|
||||
hardware.nixosModules.framework-13-7040-amd
|
||||
|
||||
common
|
||||
kde-connect
|
||||
password-manager
|
||||
graphical-workstation
|
||||
# plasma6
|
||||
virtual-machines
|
||||
virtual-machines-gui
|
||||
laptop
|
||||
gaming
|
||||
cross-compiler
|
||||
|
||||
./nixos/foxtrot.nix
|
||||
|
||||
({pkgs, ...}: {
|
||||
home-manager.users.daniel = {
|
||||
imports = with homeManagerModules; [
|
||||
senpai
|
||||
iex
|
||||
cargo
|
||||
firefox-no-tabs
|
||||
linux-desktop-environment-config
|
||||
];
|
||||
};
|
||||
environment.systemPackages = with pkgs; [
|
||||
fw-ectool
|
||||
(writeShellApplication
|
||||
{
|
||||
name = "reset-wifi-module";
|
||||
runtimeInputs = with pkgs; [kmod];
|
||||
text = ''
|
||||
modprobe -rv mt7921e
|
||||
modprobe -v mt7921e
|
||||
'';
|
||||
})
|
||||
(writeShellApplication
|
||||
{
|
||||
name = "perfmode";
|
||||
# we use command -v $cmd here because we only want to invoke these calls _if_ the related package is installed on the system
|
||||
# otherwise, they will likely have no effect anyways
|
||||
text = ''
|
||||
command -v powerprofilesctl &>/dev/null && bash -x -c 'powerprofilesctl set balanced'
|
||||
command -v swaymsg &>/dev/null && bash -x -c 'swaymsg output eDP-1 mode 2880x1920@120Hz'
|
||||
'';
|
||||
})
|
||||
(writeShellApplication
|
||||
{
|
||||
name = "battmode";
|
||||
text = ''
|
||||
command -v powerprofilesctl &>/dev/null && bash -x -c 'powerprofilesctl set power-saver'
|
||||
command -v swaymsg &>/dev/null && bash -x -c 'swaymsg output eDP-1 mode 2880x1920@60Hz'
|
||||
'';
|
||||
})
|
||||
];
|
||||
})
|
||||
];
|
||||
};
|
||||
|
||||
thablet = nixpkgs-unstable.lib.nixosSystem {
|
||||
system = "x86_64-linux";
|
||||
modules = with nixosModules; [
|
||||
home-manager-unstable-defaults
|
||||
outputs.diskoConfigurations.standard
|
||||
hardware.nixosModules.lenovo-thinkpad-x1-yoga
|
||||
|
||||
common
|
||||
password-manager
|
||||
graphical-workstation
|
||||
plasma6
|
||||
music-production
|
||||
laptop
|
||||
gaming
|
||||
|
||||
./nixos/thablet.nix
|
||||
|
||||
{
|
||||
home-manager.users.daniel = {
|
||||
imports = with homeManagerModules; [
|
||||
senpai
|
||||
iex
|
||||
cargo
|
||||
firefox-no-tabs
|
||||
linux-desktop-environment-config
|
||||
# slippi.homeManagerModules.default
|
||||
];
|
||||
};
|
||||
}
|
||||
];
|
||||
};
|
||||
|
||||
/*
|
||||
grablet = nixpkgs.lib.nixosSystem {
|
||||
system = "x86_64-linux";
|
||||
modules = with nixosModules; [
|
||||
common
|
||||
|
||||
outputs.diskoConfigurations.standard
|
||||
hardware.nixosModules.common-cpu-intel-kaby-lake
|
||||
hardware.nixosModules.common-pc-laptopp-ssd
|
||||
graphical-workstation
|
||||
laptop
|
||||
gaming
|
||||
|
||||
./nixos/thablet.nix
|
||||
|
||||
{
|
||||
home-manager.users.daniel = {
|
||||
imports = with homeManagerModules; [
|
||||
iex
|
||||
cargo
|
||||
linux-desktop-environment-config
|
||||
];
|
||||
};
|
||||
|
||||
powerManagement.cpuFreqGovernor = lib.mkDefault "performance";
|
||||
}
|
||||
];
|
||||
};
|
||||
*/
|
||||
|
||||
thinker = nixpkgs-unstable.lib.nixosSystem {
|
||||
system = "x86_64-linux";
|
||||
modules = with nixosModules; [
|
||||
home-manager-unstable-defaults
|
||||
|
||||
{
|
||||
_module.args = {
|
||||
disks = ["/dev/nvme0n1"];
|
||||
swapSize = "32G";
|
||||
};
|
||||
}
|
||||
outputs.diskoConfigurations.standardWithHibernateSwap
|
||||
hardware.nixosModules.lenovo-thinkpad-t480
|
||||
hardware.nixosModules.common-pc-laptop-ssd
|
||||
|
||||
music-production
|
||||
common
|
||||
password-manager
|
||||
graphical-workstation
|
||||
plasma6
|
||||
laptop
|
||||
gaming
|
||||
|
||||
./nixos/thinker.nix
|
||||
|
||||
{
|
||||
home-manager.users.daniel = {
|
||||
imports = with homeManagerModules; [
|
||||
senpai
|
||||
iex
|
||||
cargo
|
||||
firefox-no-tabs
|
||||
linux-desktop-environment-config
|
||||
slippi.homeManagerModules.default
|
||||
];
|
||||
};
|
||||
}
|
||||
];
|
||||
};
|
||||
|
||||
musicbox = nixpkgs.lib.nixosSystem {
|
||||
system = "x86_64-linux";
|
||||
modules = with nixosModules; [
|
||||
home-manager-defaults
|
||||
|
||||
{
|
||||
_module.args = {
|
||||
disks = ["/dev/sda"];
|
||||
# swapSize = "8G";
|
||||
};
|
||||
}
|
||||
outputs.diskoConfigurations.unencrypted
|
||||
hardware.nixosModules.common-pc-laptop-ssd
|
||||
|
||||
music-production
|
||||
common
|
||||
graphical-workstation
|
||||
wifi
|
||||
|
||||
# ./nixos/musicbox.nix
|
||||
|
||||
{
|
||||
boot.loader.systemd-boot.enable = true;
|
||||
boot.loader.efi.canTouchEfiVariables = true;
|
||||
hardware.bluetooth.enable = true;
|
||||
networking.networkmanager.enable = true;
|
||||
|
||||
home-manager.users.daniel = {
|
||||
imports = with homeManagerModules; [
|
||||
firefox-no-tabs
|
||||
linux-desktop-environment-config
|
||||
];
|
||||
};
|
||||
}
|
||||
];
|
||||
};
|
||||
|
||||
rascal = nixpkgs.lib.nixosSystem {
|
||||
system = "x86_64-linux";
|
||||
modules = with nixosModules; [
|
||||
home-manager-defaults
|
||||
hardware.nixosModules.common-cpu-amd
|
||||
common
|
||||
linux
|
||||
./nixos/rascal.nix
|
||||
];
|
||||
};
|
||||
|
||||
router = nixpkgs.lib.nixosSystem {
|
||||
system = "x86_64-linux";
|
||||
modules = with nixosModules; [
|
||||
home-manager-defaults
|
||||
outputs.diskoConfigurations.unencrypted
|
||||
common
|
||||
linux
|
||||
troubleshooting-tools
|
||||
|
||||
outputs.nixosModules.deno-netlify-ddns-client
|
||||
{
|
||||
services.deno-netlify-ddns-client = {
|
||||
enable = true;
|
||||
username = "router.h";
|
||||
# TODO: ipv6
|
||||
ipv6 = false;
|
||||
};
|
||||
}
|
||||
|
||||
/*
|
||||
NOTE: maybe use this someday, but I think I need more concrete
|
||||
networking knowledge before I know how to use it well. Additionally,
|
||||
I can use my existing firewall configuration more easily if I manage
|
||||
it directly.
|
||||
nnf.nixosModules.default
|
||||
*/
|
||||
|
||||
./nixos/router.nix
|
||||
];
|
||||
};
|
||||
|
||||
# pinephone-image =
|
||||
# (import "${mobile-nixos}/lib/eval-with-configuration.nix" {
|
||||
# configuration = with nixosModules; [
|
||||
# linux
|
||||
# home-manager-defaults
|
||||
|
||||
# # outputs.diskoConfigurations.unencrypted # can I even disko with an image-based installation?
|
||||
# common
|
||||
# wifi
|
||||
|
||||
# # TODO: how do I get a minimally useful mobile environment?
|
||||
# # for me, this means an on-screen keyboard and suspend support I think?
|
||||
# # I can live in a tty if needed and graphical stuff can all evolve later
|
||||
# # not worried about modem
|
||||
# # maybe/hopefully I can pull in or define my own sxmo via nix?
|
||||
# ];
|
||||
# device = "pine64-pinephone";
|
||||
# pkgs = pkgsFor "aarch64-linux";
|
||||
# })
|
||||
# .outputs
|
||||
# .disk-image;
|
||||
|
||||
pinephone = let
|
||||
inherit (nixpkgs-unstable) lib;
|
||||
in
|
||||
lib.nixosSystem {
|
||||
system = "aarch64-linux";
|
||||
# lib.nixosSystem {
|
||||
|
||||
modules = with nixosModules; [
|
||||
{
|
||||
imports = [
|
||||
(import "${mobile-nixos}/lib/configuration.nix" {
|
||||
device = "pine64-pinephone";
|
||||
})
|
||||
];
|
||||
|
||||
# nixpkgs.hostPlatform.system = "aarch64-linux";
|
||||
nixpkgs.buildPlatform = "x86_64-linux";
|
||||
|
||||
# TODO: quirk: since the pinephone kernel doesn't seem to have "rpfilter" support, firewall ain't working
|
||||
networking.firewall.enable = lib.mkForce false;
|
||||
|
||||
# TODO: quirk: since git send-email requires perl support, which we don't seem to have on the pinephone, we're just disabling git for now
|
||||
# TODO: would likely be easier/better to somehow ignore the assertion? probably a way to do that...
|
||||
programs.git.enable = lib.mkForce false;
|
||||
|
||||
# this option is conflicted, presumably due to some assumption in my defaults/common config
|
||||
# the sd-image module we're importing above has this set to true, so we better go with that?
|
||||
# that said, I think the mobile-nixos bootloader module has this set to false, so...
|
||||
# TODO: what does this mean?
|
||||
boot.loader.generic-extlinux-compatible.enable = lib.mkForce true;
|
||||
|
||||
# another conflicting option since I think I default to NetworkManager and this conflicts with networking.wireless.enable
|
||||
networking.networkmanager.enable = lib.mkForce false;
|
||||
networking.wireless.enable = lib.mkForce true;
|
||||
}
|
||||
|
||||
# TODO: how do I build this as a .img to flash to an SD card?
|
||||
|
||||
# for testing, this seems to work `nixos-rebuild build --impure --flake .#pinephone`
|
||||
|
||||
# TODO: would like to use the mobile-nixos installer?
|
||||
"${nixpkgs-unstable}/nixos/modules/installer/sd-card/sd-image-aarch64-installer.nix"
|
||||
|
||||
linux
|
||||
home-manager-unstable-defaults
|
||||
|
||||
# outputs.diskoConfigurations.unencrypted # can I even disko with an image-based installation?
|
||||
common
|
||||
wifi
|
||||
|
||||
{
|
||||
system.stateVersion = "24.11";
|
||||
}
|
||||
|
||||
{
|
||||
# nixpkgs.buildPlatform = "x86_64-linux";
|
||||
# nixpkgs.hostPlatform = lib.systems.examples.aarch64-multiplatform;
|
||||
# nixpkgs.localSystem.system = lib.systems.examples.x86_64-linux;
|
||||
# nixpkgs.crossSystem = lib.mkForce null;
|
||||
}
|
||||
];
|
||||
};
|
||||
};
|
||||
|
||||
images.pinephone = outputs.nixosConfigurations.pinephone.config.system.build.sdImage;
|
||||
|
||||
homeConfigurations = {
|
||||
"deck" = let
|
||||
system = "x86_64-linux";
|
||||
pkgs = unstable.pkgsFor system;
|
||||
in
|
||||
home-manager-unstable.lib.homeManagerConfiguration {
|
||||
inherit pkgs;
|
||||
modules = with homeManagerModules; [
|
||||
common
|
||||
{
|
||||
home = {
|
||||
homeDirectory = "/home/deck";
|
||||
username = "deck";
|
||||
stateVersion = "24.11";
|
||||
};
|
||||
}
|
||||
{
|
||||
home.packages = with pkgs; [
|
||||
ludusavi
|
||||
rclone
|
||||
];
|
||||
}
|
||||
linux
|
||||
];
|
||||
};
|
||||
};
|
||||
|
||||
/*
|
||||
TODO: nix-on-droid for phone terminal usage? mobile-nixos?
|
||||
TODO: nix-darwin for work?
|
||||
TODO: nixos ISO?
|
||||
*/
|
||||
};
|
||||
}
|
||||
|
|
BIN
images/Nix_snowflake_lytedev.png
Normal file
BIN
images/Nix_snowflake_lytedev.png
Normal file
Binary file not shown.
After Width: | Height: | Size: 28 KiB |
380
images/Nix_snowflake_lytedev.svg
Normal file
380
images/Nix_snowflake_lytedev.svg
Normal file
|
@ -0,0 +1,380 @@
|
|||
<?xml version="1.0" encoding="UTF-8" standalone="no"?>
|
||||
<!-- Created with Inkscape (http://www.inkscape.org/) -->
|
||||
|
||||
<svg
|
||||
width="141.5919mm"
|
||||
height="122.80626mm"
|
||||
viewBox="0 0 501.70361 435.14028"
|
||||
id="svg2"
|
||||
version="1.1"
|
||||
inkscape:version="1.3.2 (091e20ef0f, 2023-11-25)"
|
||||
sodipodi:docname="Nix_snowflake_lytedev.svg"
|
||||
inkscape:export-filename="Nix_snowflake_lytedev.png"
|
||||
inkscape:export-xdpi="96"
|
||||
inkscape:export-ydpi="96"
|
||||
xmlns:inkscape="http://www.inkscape.org/namespaces/inkscape"
|
||||
xmlns:sodipodi="http://sodipodi.sourceforge.net/DTD/sodipodi-0.dtd"
|
||||
xmlns:xlink="http://www.w3.org/1999/xlink"
|
||||
xmlns="http://www.w3.org/2000/svg"
|
||||
xmlns:svg="http://www.w3.org/2000/svg"
|
||||
xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"
|
||||
xmlns:cc="http://creativecommons.org/ns#"
|
||||
xmlns:dc="http://purl.org/dc/elements/1.1/">
|
||||
<defs
|
||||
id="defs4">
|
||||
<linearGradient
|
||||
inkscape:collect="always"
|
||||
id="linearGradient5562">
|
||||
<stop
|
||||
style="stop-color:#699ad7;stop-opacity:1"
|
||||
offset="0"
|
||||
id="stop5564" />
|
||||
<stop
|
||||
id="stop5566"
|
||||
offset="0.24345198"
|
||||
style="stop-color:#7eb1dd;stop-opacity:1" />
|
||||
<stop
|
||||
style="stop-color:#7ebae4;stop-opacity:1"
|
||||
offset="1"
|
||||
id="stop5568" />
|
||||
</linearGradient>
|
||||
<linearGradient
|
||||
inkscape:collect="always"
|
||||
id="linearGradient5053">
|
||||
<stop
|
||||
style="stop-color:#415e9a;stop-opacity:1"
|
||||
offset="0"
|
||||
id="stop5055" />
|
||||
<stop
|
||||
id="stop5057"
|
||||
offset="0.23168644"
|
||||
style="stop-color:#4a6baf;stop-opacity:1" />
|
||||
<stop
|
||||
style="stop-color:#5277c3;stop-opacity:1"
|
||||
offset="1"
|
||||
id="stop5059" />
|
||||
</linearGradient>
|
||||
<linearGradient
|
||||
id="linearGradient5960"
|
||||
inkscape:collect="always">
|
||||
<stop
|
||||
id="stop5962"
|
||||
offset="0"
|
||||
style="stop-color:#637ddf;stop-opacity:1" />
|
||||
<stop
|
||||
style="stop-color:#649afa;stop-opacity:1"
|
||||
offset="0.23168644"
|
||||
id="stop5964" />
|
||||
<stop
|
||||
id="stop5966"
|
||||
offset="1"
|
||||
style="stop-color:#719efa;stop-opacity:1" />
|
||||
</linearGradient>
|
||||
<linearGradient
|
||||
inkscape:collect="always"
|
||||
id="linearGradient5867">
|
||||
<stop
|
||||
style="stop-color:#7363df;stop-opacity:1"
|
||||
offset="0"
|
||||
id="stop5869" />
|
||||
<stop
|
||||
id="stop5871"
|
||||
offset="0.23168644"
|
||||
style="stop-color:#6478fa;stop-opacity:1" />
|
||||
<stop
|
||||
style="stop-color:#719efa;stop-opacity:1"
|
||||
offset="1"
|
||||
id="stop5873" />
|
||||
</linearGradient>
|
||||
<linearGradient
|
||||
y2="515.97058"
|
||||
x2="282.26105"
|
||||
y1="338.62445"
|
||||
x1="213.95642"
|
||||
gradientTransform="translate(983.36076,601.38885)"
|
||||
gradientUnits="userSpaceOnUse"
|
||||
id="linearGradient5855"
|
||||
xlink:href="#linearGradient5960"
|
||||
inkscape:collect="always" />
|
||||
<linearGradient
|
||||
y2="515.97058"
|
||||
x2="282.26105"
|
||||
y1="338.62445"
|
||||
x1="213.95642"
|
||||
gradientTransform="translate(-197.75174,-337.1451)"
|
||||
gradientUnits="userSpaceOnUse"
|
||||
id="linearGradient5855-8"
|
||||
xlink:href="#linearGradient5867"
|
||||
inkscape:collect="always" />
|
||||
<linearGradient
|
||||
y2="247.58188"
|
||||
x2="-702.75317"
|
||||
y1="102.74675"
|
||||
x1="-775.20807"
|
||||
gradientTransform="translate(983.36076,601.38885)"
|
||||
gradientUnits="userSpaceOnUse"
|
||||
id="linearGradient4544"
|
||||
xlink:href="#linearGradient5960"
|
||||
inkscape:collect="always" />
|
||||
<clipPath
|
||||
id="clipPath4501"
|
||||
clipPathUnits="userSpaceOnUse">
|
||||
<circle
|
||||
r="241.06563"
|
||||
cy="686.09473"
|
||||
cx="335.13995"
|
||||
id="circle4503"
|
||||
style="color:#000000;clip-rule:nonzero;display:inline;overflow:visible;visibility:visible;opacity:1;isolation:auto;mix-blend-mode:normal;color-interpolation:sRGB;color-interpolation-filters:linearRGB;solid-color:#000000;solid-opacity:1;fill:#adadad;fill-opacity:1;fill-rule:evenodd;stroke:none;stroke-width:3;stroke-linecap:butt;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1;marker:none;color-rendering:auto;image-rendering:auto;shape-rendering:auto;text-rendering:auto;enable-background:accumulate" />
|
||||
</clipPath>
|
||||
<clipPath
|
||||
id="clipPath5410"
|
||||
clipPathUnits="userSpaceOnUse">
|
||||
<circle
|
||||
r="241.13741"
|
||||
cy="340.98975"
|
||||
cx="335.98114"
|
||||
id="circle5412"
|
||||
style="color:#000000;clip-rule:nonzero;display:inline;overflow:visible;visibility:visible;opacity:1;isolation:auto;mix-blend-mode:normal;color-interpolation:sRGB;color-interpolation-filters:linearRGB;solid-color:#000000;solid-opacity:1;fill:#ffffff;fill-opacity:1;fill-rule:evenodd;stroke:none;stroke-width:3;stroke-linecap:butt;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1;marker:none;color-rendering:auto;image-rendering:auto;shape-rendering:auto;text-rendering:auto;enable-background:accumulate" />
|
||||
</clipPath>
|
||||
<linearGradient
|
||||
inkscape:collect="always"
|
||||
xlink:href="#linearGradient5053"
|
||||
id="linearGradient5137"
|
||||
gradientUnits="userSpaceOnUse"
|
||||
gradientTransform="translate(864.55062,-2197.497)"
|
||||
x1="-584.19934"
|
||||
y1="782.33563"
|
||||
x2="-496.29703"
|
||||
y2="937.71399" />
|
||||
<linearGradient
|
||||
inkscape:collect="always"
|
||||
xlink:href="#linearGradient5053"
|
||||
id="linearGradient5147"
|
||||
gradientUnits="userSpaceOnUse"
|
||||
gradientTransform="translate(864.55062,-2197.497)"
|
||||
x1="-584.19934"
|
||||
y1="782.33563"
|
||||
x2="-496.29703"
|
||||
y2="937.71399" />
|
||||
<linearGradient
|
||||
inkscape:collect="always"
|
||||
xlink:href="#linearGradient5562"
|
||||
id="linearGradient5162"
|
||||
gradientUnits="userSpaceOnUse"
|
||||
gradientTransform="translate(70.505061,-1761.3076)"
|
||||
x1="200.59668"
|
||||
y1="351.41116"
|
||||
x2="290.08701"
|
||||
y2="506.18814" />
|
||||
<linearGradient
|
||||
inkscape:collect="always"
|
||||
xlink:href="#linearGradient5562"
|
||||
id="linearGradient5172"
|
||||
gradientUnits="userSpaceOnUse"
|
||||
gradientTransform="translate(70.505061,-1761.3076)"
|
||||
x1="200.59668"
|
||||
y1="351.41116"
|
||||
x2="290.08701"
|
||||
y2="506.18814" />
|
||||
<linearGradient
|
||||
inkscape:collect="always"
|
||||
xlink:href="#linearGradient5562"
|
||||
id="linearGradient5182"
|
||||
gradientUnits="userSpaceOnUse"
|
||||
gradientTransform="translate(70.505061,-1761.3076)"
|
||||
x1="200.59668"
|
||||
y1="351.41116"
|
||||
x2="290.08701"
|
||||
y2="506.18814" />
|
||||
<linearGradient
|
||||
y2="506.18814"
|
||||
x2="290.08701"
|
||||
y1="351.41116"
|
||||
x1="200.59668"
|
||||
gradientTransform="translate(70.505061,-1761.3076)"
|
||||
gradientUnits="userSpaceOnUse"
|
||||
id="linearGradient5201"
|
||||
xlink:href="#linearGradient5562"
|
||||
inkscape:collect="always" />
|
||||
<linearGradient
|
||||
y2="937.71399"
|
||||
x2="-496.29703"
|
||||
y1="782.33563"
|
||||
x1="-584.19934"
|
||||
gradientTransform="translate(864.55062,-2197.497)"
|
||||
gradientUnits="userSpaceOnUse"
|
||||
id="linearGradient5205"
|
||||
xlink:href="#linearGradient5053"
|
||||
inkscape:collect="always" />
|
||||
</defs>
|
||||
<sodipodi:namedview
|
||||
id="base"
|
||||
pagecolor="#ffffff"
|
||||
bordercolor="#666666"
|
||||
borderopacity="1.0"
|
||||
inkscape:pageopacity="0.0"
|
||||
inkscape:pageshadow="2"
|
||||
inkscape:zoom="0.98318225"
|
||||
inkscape:cx="112.8987"
|
||||
inkscape:cy="191.21582"
|
||||
inkscape:document-units="px"
|
||||
inkscape:current-layer="layer1"
|
||||
showgrid="false"
|
||||
inkscape:window-width="2059"
|
||||
inkscape:window-height="1588"
|
||||
inkscape:window-x="0"
|
||||
inkscape:window-y="0"
|
||||
inkscape:window-maximized="0"
|
||||
inkscape:snap-global="true"
|
||||
fit-margin-top="0"
|
||||
fit-margin-left="0"
|
||||
fit-margin-right="0"
|
||||
fit-margin-bottom="0"
|
||||
inkscape:showpageshadow="0"
|
||||
inkscape:pagecheckerboard="0"
|
||||
inkscape:deskcolor="#505050" />
|
||||
<metadata
|
||||
id="metadata7">
|
||||
<rdf:RDF>
|
||||
<cc:Work
|
||||
rdf:about="">
|
||||
<dc:format>image/svg+xml</dc:format>
|
||||
<dc:type
|
||||
rdf:resource="http://purl.org/dc/dcmitype/StillImage" />
|
||||
</cc:Work>
|
||||
</rdf:RDF>
|
||||
</metadata>
|
||||
<g
|
||||
inkscape:label="print-logo"
|
||||
inkscape:groupmode="layer"
|
||||
id="layer1"
|
||||
style="display:inline"
|
||||
transform="translate(-156.33871,933.1905)">
|
||||
<path
|
||||
style="color:#000000;clip-rule:nonzero;display:inline;overflow:visible;visibility:visible;opacity:1;isolation:auto;mix-blend-mode:normal;color-interpolation:sRGB;color-interpolation-filters:linearRGB;solid-color:#000000;solid-opacity:1;fill:#5277c3;fill-opacity:1;fill-rule:evenodd;stroke:none;stroke-width:3;stroke-linecap:butt;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1;color-rendering:auto;image-rendering:auto;shape-rendering:auto;text-rendering:auto;enable-background:accumulate"
|
||||
d="m 309.40365,-710.2521 122.19683,211.6751 -56.15706,0.5268 -32.6236,-56.8692 -32.85645,56.5653 -27.90237,-0.011 -14.29086,-24.6896 46.81047,-80.4902 -33.22946,-57.8256 z"
|
||||
id="path4861"
|
||||
inkscape:connector-curvature="0"
|
||||
sodipodi:nodetypes="cccccccccc" />
|
||||
<path
|
||||
style="color:#000000;clip-rule:nonzero;display:inline;overflow:visible;visibility:visible;opacity:1;isolation:auto;mix-blend-mode:normal;color-interpolation:sRGB;color-interpolation-filters:linearRGB;solid-color:#000000;solid-opacity:1;fill:#df3c59;fill-opacity:1;fill-rule:evenodd;stroke:none;stroke-width:3;stroke-linecap:butt;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1;color-rendering:auto;image-rendering:auto;shape-rendering:auto;text-rendering:auto;enable-background:accumulate"
|
||||
d="m 353.50926,-797.4433 -122.21756,211.6631 -28.53477,-48.37 32.93839,-56.6875 -65.41521,-0.1719 -13.9414,-24.1698 14.23637,-24.721 93.11177,0.2939 33.46371,-57.6903 z"
|
||||
id="use4863"
|
||||
inkscape:connector-curvature="0"
|
||||
sodipodi:nodetypes="cccccccccc" />
|
||||
<path
|
||||
style="color:#000000;clip-rule:nonzero;display:inline;overflow:visible;visibility:visible;opacity:1;isolation:auto;mix-blend-mode:normal;color-interpolation:sRGB;color-interpolation-filters:linearRGB;solid-color:#000000;solid-opacity:1;fill:#df3c59;fill-opacity:1;fill-rule:evenodd;stroke:none;stroke-width:3;stroke-linecap:butt;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1;color-rendering:auto;image-rendering:auto;shape-rendering:auto;text-rendering:auto;enable-background:accumulate"
|
||||
d="m 362.88537,-628.243 244.41439,0.012 -27.62229,48.8968 -65.56199,-0.1817 32.55876,56.7371 -13.96098,24.1585 -28.52722,0.032 -46.3013,-80.7841 -66.69317,-0.1353 z"
|
||||
id="use4865"
|
||||
inkscape:connector-curvature="0"
|
||||
sodipodi:nodetypes="cccccccccc" />
|
||||
<path
|
||||
style="color:#000000;clip-rule:nonzero;display:inline;overflow:visible;visibility:visible;opacity:1;isolation:auto;mix-blend-mode:normal;color-interpolation:sRGB;color-interpolation-filters:linearRGB;solid-color:#000000;solid-opacity:1;fill:#df3c59;fill-opacity:1;fill-rule:evenodd;stroke:none;stroke-width:3;stroke-linecap:butt;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1;color-rendering:auto;image-rendering:auto;shape-rendering:auto;text-rendering:auto;enable-background:accumulate"
|
||||
d="m 505.14318,-720.9886 -122.19683,-211.6751 56.15706,-0.5268 32.6236,56.8692 32.85645,-56.5653 27.90237,0.011 14.29086,24.6896 -46.81047,80.4902 33.22946,57.8256 z"
|
||||
id="use4867"
|
||||
inkscape:connector-curvature="0"
|
||||
sodipodi:nodetypes="cccccccccc" />
|
||||
<path
|
||||
sodipodi:nodetypes="cccccccccc"
|
||||
inkscape:connector-curvature="0"
|
||||
id="path4873"
|
||||
d="m 309.40365,-710.2521 122.19683,211.6751 -56.15706,0.5268 -32.6236,-56.8692 -32.85645,56.5653 -27.90237,-0.011 -14.29086,-24.6896 46.81047,-80.4902 -33.22946,-57.8256 z"
|
||||
style="color:#000000;clip-rule:nonzero;display:inline;overflow:visible;visibility:visible;opacity:1;isolation:auto;mix-blend-mode:normal;color-interpolation:sRGB;color-interpolation-filters:linearRGB;solid-color:#000000;solid-opacity:1;fill:#8e293b;fill-opacity:1;fill-rule:evenodd;stroke:none;stroke-width:3;stroke-linecap:butt;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1;color-rendering:auto;image-rendering:auto;shape-rendering:auto;text-rendering:auto;enable-background:accumulate" />
|
||||
<path
|
||||
sodipodi:nodetypes="cccccccccc"
|
||||
inkscape:connector-curvature="0"
|
||||
id="use4875"
|
||||
d="m 451.3364,-803.53264 -244.4144,-0.012 27.62229,-48.89685 65.56199,0.18175 -32.55875,-56.73717 13.96097,-24.15851 28.52722,-0.0315 46.3013,80.78414 66.69317,0.13524 z"
|
||||
style="color:#000000;clip-rule:nonzero;display:inline;overflow:visible;visibility:visible;opacity:1;isolation:auto;mix-blend-mode:normal;color-interpolation:sRGB;color-interpolation-filters:linearRGB;solid-color:#000000;solid-opacity:1;fill:#8e293b;fill-opacity:1;fill-rule:evenodd;stroke:none;stroke-width:3;stroke-linecap:butt;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1;color-rendering:auto;image-rendering:auto;shape-rendering:auto;text-rendering:auto;enable-background:accumulate" />
|
||||
<path
|
||||
sodipodi:nodetypes="cccccccccc"
|
||||
inkscape:connector-curvature="0"
|
||||
id="use4877"
|
||||
d="m 460.87178,-633.8425 122.21757,-211.66304 28.53477,48.37003 -32.93839,56.68751 65.4152,0.1718 13.9414,24.1698 -14.23636,24.7211 -93.11177,-0.294 -33.46371,57.6904 z"
|
||||
style="color:#000000;clip-rule:nonzero;display:inline;overflow:visible;visibility:visible;opacity:1;isolation:auto;mix-blend-mode:normal;color-interpolation:sRGB;color-interpolation-filters:linearRGB;solid-color:#000000;solid-opacity:1;fill:#8e293b;fill-opacity:1;fill-rule:evenodd;stroke:none;stroke-width:3;stroke-linecap:butt;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1;color-rendering:auto;image-rendering:auto;shape-rendering:auto;text-rendering:auto;enable-background:accumulate" />
|
||||
<g
|
||||
id="layer2"
|
||||
inkscape:label="guides"
|
||||
style="display:none"
|
||||
transform="translate(72.039038,-1799.4476)">
|
||||
<path
|
||||
d="M 460.60629,594.72881 209.74183,594.7288 84.309616,377.4738 209.74185,160.21882 l 250.86446,1e-5 125.43222,217.255 z"
|
||||
inkscape:randomized="0"
|
||||
inkscape:rounded="0"
|
||||
inkscape:flatsided="true"
|
||||
sodipodi:arg2="1.5707963"
|
||||
sodipodi:arg1="1.0471976"
|
||||
sodipodi:r2="217.25499"
|
||||
sodipodi:r1="250.86446"
|
||||
sodipodi:cy="377.47382"
|
||||
sodipodi:cx="335.17407"
|
||||
sodipodi:sides="6"
|
||||
id="path6032"
|
||||
style="color:#000000;display:inline;overflow:visible;visibility:visible;opacity:0.236;fill:#4e4d52;fill-opacity:1;fill-rule:nonzero;stroke:none;stroke-width:3;stroke-linecap:butt;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1;marker:none;enable-background:accumulate"
|
||||
sodipodi:type="star" />
|
||||
<path
|
||||
transform="translate(0,-308.26772)"
|
||||
sodipodi:type="star"
|
||||
style="color:#000000;display:inline;overflow:visible;visibility:visible;opacity:1;fill:#4e4d52;fill-opacity:1;fill-rule:nonzero;stroke:none;stroke-width:3;stroke-linecap:butt;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1;marker:none;enable-background:accumulate"
|
||||
id="path5875"
|
||||
sodipodi:sides="6"
|
||||
sodipodi:cx="335.17407"
|
||||
sodipodi:cy="685.74158"
|
||||
sodipodi:r1="100.83495"
|
||||
sodipodi:r2="87.32563"
|
||||
sodipodi:arg1="1.0471976"
|
||||
sodipodi:arg2="1.5707963"
|
||||
inkscape:flatsided="true"
|
||||
inkscape:rounded="0"
|
||||
inkscape:randomized="0"
|
||||
d="m 385.59154,773.06721 -100.83495,0 -50.41747,-87.32564 50.41748,-87.32563 100.83495,10e-6 50.41748,87.32563 z" />
|
||||
<path
|
||||
transform="translate(0,-308.26772)"
|
||||
sodipodi:nodetypes="ccccccccc"
|
||||
inkscape:connector-curvature="0"
|
||||
id="path5851"
|
||||
d="m 1216.5591,938.53395 123.0545,228.14035 -42.6807,-1.2616 -43.4823,-79.7725 -39.6506,80.3267 -32.6875,-19.7984 53.4737,-100.2848 -37.1157,-73.88955 z"
|
||||
style="fill:url(#linearGradient5855);fill-opacity:1;fill-rule:evenodd;stroke:none;stroke-width:3;stroke-linecap:butt;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1" />
|
||||
<rect
|
||||
style="color:#000000;clip-rule:nonzero;display:inline;overflow:visible;visibility:visible;opacity:0.415;isolation:auto;mix-blend-mode:normal;color-interpolation:sRGB;color-interpolation-filters:linearRGB;solid-color:#000000;solid-opacity:1;fill:#c53a3a;fill-opacity:1;fill-rule:nonzero;stroke:none;stroke-width:3;stroke-linecap:butt;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1;marker:none;color-rendering:auto;image-rendering:auto;shape-rendering:auto;text-rendering:auto;enable-background:accumulate"
|
||||
id="rect5884"
|
||||
width="48.834862"
|
||||
height="226.22897"
|
||||
x="-34.74221"
|
||||
y="446.17056"
|
||||
transform="rotate(-30)" />
|
||||
<path
|
||||
transform="translate(0,-308.26772)"
|
||||
sodipodi:type="star"
|
||||
style="color:#000000;clip-rule:nonzero;display:inline;overflow:visible;visibility:visible;opacity:0.509;isolation:auto;mix-blend-mode:normal;color-interpolation:sRGB;color-interpolation-filters:linearRGB;solid-color:#000000;solid-opacity:1;fill:#000000;fill-opacity:1;fill-rule:evenodd;stroke:none;stroke-width:3;stroke-linecap:butt;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1;marker:none;color-rendering:auto;image-rendering:auto;shape-rendering:auto;text-rendering:auto;enable-background:accumulate"
|
||||
id="path3428"
|
||||
sodipodi:sides="6"
|
||||
sodipodi:cx="223.93674"
|
||||
sodipodi:cy="878.63831"
|
||||
sodipodi:r1="28.048939"
|
||||
sodipodi:r2="24.291094"
|
||||
sodipodi:arg1="0"
|
||||
sodipodi:arg2="0.52359878"
|
||||
inkscape:flatsided="true"
|
||||
inkscape:rounded="0"
|
||||
inkscape:randomized="0"
|
||||
d="m 251.98568,878.63831 -14.02447,24.29109 h -28.04894 l -14.02447,-24.29109 14.02447,-24.2911 h 28.04894 z" />
|
||||
<use
|
||||
x="0"
|
||||
y="0"
|
||||
xlink:href="#rect5884"
|
||||
id="use4252"
|
||||
transform="rotate(60,268.29786,489.4515)"
|
||||
width="100%"
|
||||
height="100%" />
|
||||
<rect
|
||||
style="color:#000000;clip-rule:nonzero;display:inline;overflow:visible;visibility:visible;opacity:1;isolation:auto;mix-blend-mode:normal;color-interpolation:sRGB;color-interpolation-filters:linearRGB;solid-color:#000000;solid-opacity:1;fill:#000000;fill-opacity:0.650794;fill-rule:evenodd;stroke:none;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-dashoffset:0;stroke-opacity:1;marker:none;color-rendering:auto;image-rendering:auto;shape-rendering:auto;text-rendering:auto;enable-background:accumulate"
|
||||
id="rect4254"
|
||||
width="5.3947482"
|
||||
height="115.12564"
|
||||
x="545.71014"
|
||||
y="467.07007"
|
||||
transform="rotate(30,575.23539,-154.13386)" />
|
||||
</g>
|
||||
</g>
|
||||
</svg>
|
After Width: | Height: | Size: 19 KiB |
|
@ -1,4 +1,4 @@
|
|||
{nixpkgs, ...}: {
|
||||
{lib, ...}: {
|
||||
schemes = let
|
||||
mkColorScheme = scheme @ {
|
||||
scheme-name,
|
||||
|
@ -22,7 +22,6 @@
|
|||
}: let
|
||||
base =
|
||||
{
|
||||
# aliases?
|
||||
text = fg;
|
||||
primary = blue;
|
||||
urgent = red;
|
||||
|
@ -50,14 +49,14 @@
|
|||
}
|
||||
// scheme;
|
||||
in
|
||||
{
|
||||
withHashPrefix = nixpkgs.lib.mapAttrs (_: value: "#${value}") base;
|
||||
}
|
||||
// base;
|
||||
base
|
||||
// {
|
||||
withHashPrefix = lib.mapAttrs (_: value: "#${value}") base;
|
||||
};
|
||||
in {
|
||||
donokai = mkColorScheme {
|
||||
scheme-name = "donokai";
|
||||
bg = "111111";
|
||||
bg = "110f0a";
|
||||
bg2 = "181818";
|
||||
bg3 = "222222";
|
||||
bg4 = "292929";
|
||||
|
|
|
@ -22,7 +22,8 @@ git add -A
|
|||
host=your_host
|
||||
ssh -t "root@$host" "bash -c '
|
||||
set -m
|
||||
(sleep 300; reboot;) &
|
||||
# sleep 30 mins
|
||||
(sleep 1800; reboot;) &
|
||||
jobs -p
|
||||
bg
|
||||
disown
|
||||
|
@ -79,6 +80,7 @@ nix-shell --packages git --run "sudo nix run \
|
|||
# install
|
||||
nix-shell --packages git \
|
||||
--run "sudo nixos-install \
|
||||
--no-write-lock-file \
|
||||
--flake 'git+https://git.lyte.dev/lytedev/nix#${FLAKE_ATTR}' \
|
||||
--option trusted-substituters 'https://cache.nixos.org https://nix.h.lyte.dev' \
|
||||
--option trusted-public-keys 'cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY= h.lyte.dev:HeVWtne31ZG8iMf+c15VY3/Mky/4ufXlfTpT8+4Xbs0='"
|
||||
|
@ -106,3 +108,7 @@ $ rsync -r ~/.local/share/password-store $host:~/.local/share/password-store
|
|||
|
||||
3. Tailscale connection and roles.
|
||||
4. Firefox sync configured.
|
||||
|
||||
# Temporary Firewall Changes
|
||||
|
||||
Source: https://discourse.nixos.org/t/how-to-temporarily-open-a-tcp-port-in-nixos/12306/2
|
||||
|
|
|
@ -1,5 +0,0 @@
|
|||
{outputs, ...}: {
|
||||
imports = with outputs.homeManagerModules; [
|
||||
sway
|
||||
];
|
||||
}
|
|
@ -1,26 +0,0 @@
|
|||
{
|
||||
pkgs,
|
||||
# colors,
|
||||
...
|
||||
}: {
|
||||
programs.bat = {
|
||||
enable = true;
|
||||
config = {
|
||||
theme = "ansi";
|
||||
};
|
||||
# themes = {
|
||||
# "Catppuccin-mocha" = builtins.readFile (pkgs.fetchFromGitHub
|
||||
# {
|
||||
# owner = "catppuccin";
|
||||
# repo = "bat";
|
||||
# rev = "477622171ec0529505b0ca3cada68fc9433648c6";
|
||||
# sha256 = "6WVKQErGdaqb++oaXnY3i6/GuH2FhTgK0v4TN4Y0Wbw=";
|
||||
# }
|
||||
# + "/Catppuccin-mocha.tmTheme");
|
||||
# };
|
||||
};
|
||||
|
||||
home.shellAliases = {
|
||||
cat = "bat";
|
||||
};
|
||||
}
|
|
@ -1,34 +0,0 @@
|
|||
{colors, ...}: {
|
||||
programs.broot = {
|
||||
enable = true;
|
||||
enableFishIntegration = true;
|
||||
settings = {
|
||||
modal = true; # vim mode?
|
||||
|
||||
verbs = [
|
||||
{
|
||||
invocation = "edit";
|
||||
shortcut = "e";
|
||||
execution = "$EDITOR {file}";
|
||||
}
|
||||
];
|
||||
|
||||
skin = with colors.withHashPrefix; {
|
||||
status_normal_fg = fg;
|
||||
status_normal_bg = bg;
|
||||
status_error_fg = red;
|
||||
status_error_bg = yellow;
|
||||
tree_fg = red;
|
||||
selected_line_bg = bg2;
|
||||
permissions_fg = purple;
|
||||
size_bar_full_bg = red;
|
||||
size_bar_void_bg = bg;
|
||||
directory_fg = yellow;
|
||||
input_fg = blue;
|
||||
flag_value_fg = yellow;
|
||||
table_border_fg = red;
|
||||
code_fg = yellow;
|
||||
};
|
||||
};
|
||||
};
|
||||
}
|
|
@ -1,9 +0,0 @@
|
|||
{config, ...}: {
|
||||
home.file."${config.xdg.configHome}/cargo/config.toml" = {
|
||||
enable = true;
|
||||
text = ''
|
||||
[build]
|
||||
rustdocflags = ["--default-theme=ayu"];
|
||||
'';
|
||||
};
|
||||
}
|
|
@ -1,109 +0,0 @@
|
|||
{
|
||||
pkgs,
|
||||
lib,
|
||||
system,
|
||||
inputs,
|
||||
outputs,
|
||||
...
|
||||
}: {
|
||||
# TODO: fonts? right now they are only handled at the nixos-level (desktop-usage module)
|
||||
# TODO: wallpaper?
|
||||
|
||||
imports = with outputs.homeManagerModules; [
|
||||
# nix-colors.homeManagerModules.default
|
||||
fish
|
||||
bat
|
||||
helix
|
||||
git
|
||||
iex
|
||||
zellij
|
||||
broot
|
||||
nnn
|
||||
htop
|
||||
cargo
|
||||
senpai
|
||||
tmux
|
||||
];
|
||||
|
||||
# TODO: specify an email?
|
||||
# accounts.email.accounts = {
|
||||
# primary = {
|
||||
# address = "daniel@lyte.dev";
|
||||
# };
|
||||
# };
|
||||
|
||||
home = {
|
||||
username = lib.mkDefault "daniel";
|
||||
homeDirectory = lib.mkDefault "/home/daniel/.home";
|
||||
stateVersion = lib.mkDefault "23.11";
|
||||
|
||||
sessionVariables = {
|
||||
EDITOR = "hx";
|
||||
VISUAL = "hx";
|
||||
PAGER = "less";
|
||||
MANPAGER = "less";
|
||||
};
|
||||
|
||||
packages = [
|
||||
# I use gawk for my fish prompt
|
||||
pkgs.gawk
|
||||
|
||||
# text editor
|
||||
inputs.helix.packages.${system}.helix
|
||||
|
||||
# tools I use when editing nix code
|
||||
pkgs.nil
|
||||
pkgs.alejandra
|
||||
|
||||
(pkgs.buildEnv {
|
||||
name = "my-scripts-common";
|
||||
paths = [./scripts/common];
|
||||
})
|
||||
];
|
||||
};
|
||||
|
||||
# TODO: not common?
|
||||
# programs.password-store = {
|
||||
# enable = true;
|
||||
# package = pkgs.pass.withExtensions (exts: [exts.pass-otp]);
|
||||
# };
|
||||
|
||||
# programs.gitui = {
|
||||
# enable = true;
|
||||
# };
|
||||
|
||||
programs.direnv = {
|
||||
enable = true;
|
||||
nix-direnv.enable = true;
|
||||
};
|
||||
|
||||
programs.eza = {
|
||||
enable = true;
|
||||
package = inputs.nixpkgs.legacyPackages.${system}.eza;
|
||||
};
|
||||
|
||||
programs.skim = {
|
||||
# https://github.com/lotabout/skim/issues/494
|
||||
enable = false;
|
||||
enableFishIntegration = true;
|
||||
defaultOptions = ["--no-clear-start" "--color=16"];
|
||||
};
|
||||
|
||||
programs.fzf = {
|
||||
# using good ol' fzf until skim sucks less out of the box I guess
|
||||
enable = true;
|
||||
enableFishIntegration = true;
|
||||
# defaultCommand = "fd --type f";
|
||||
# defaultOptions = ["--height 40%"];
|
||||
# fileWidgetOptions = ["--preview 'head {}'"];
|
||||
};
|
||||
|
||||
# TODO: regular cron or something?
|
||||
programs.nix-index = {
|
||||
enable = true;
|
||||
enableFishIntegration = true;
|
||||
};
|
||||
|
||||
# maybe we can share somehow so things for nix-y systems and non-nix-y systems alike
|
||||
# am I going to _have_ non-nix systems anymore?
|
||||
}
|
File diff suppressed because it is too large
Load diff
|
@ -1,6 +0,0 @@
|
|||
{outputs, ...}: {
|
||||
imports = with outputs.homeManagerModules; [
|
||||
kitty
|
||||
wezterm
|
||||
];
|
||||
}
|
|
@ -1,71 +0,0 @@
|
|||
{
|
||||
config,
|
||||
lib,
|
||||
outputs,
|
||||
...
|
||||
}: {
|
||||
imports = with outputs.homeManagerModules; [
|
||||
melee
|
||||
sway
|
||||
hyprland
|
||||
];
|
||||
|
||||
wayland.windowManager.hyprland = {
|
||||
settings = {
|
||||
env = [
|
||||
"EWW_BAR_MON,1"
|
||||
];
|
||||
# See https://wiki.hyprland.org/Configuring/Keywords/ for more
|
||||
monitor = [
|
||||
"DP-3,3840x2160@120,0x0,1"
|
||||
];
|
||||
input = {
|
||||
force_no_accel = true;
|
||||
sensitivity = 1; # -1.0 - 1.0, 0 means no modification.
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
wayland.windowManager.sway = {
|
||||
config = {
|
||||
output = {
|
||||
"GIGA-BYTE TECHNOLOGY CO., LTD. AORUS FO48U 23070B000307" = {
|
||||
mode = "3840x2160@120Hz";
|
||||
position = "${toString (builtins.ceil (2160 / 1.5))},0";
|
||||
};
|
||||
|
||||
"Dell Inc. DELL U2720Q D3TM623" = {
|
||||
# desktop left vertical monitor
|
||||
mode = "3840x2160@60Hz";
|
||||
transform = "90";
|
||||
scale = "1.5";
|
||||
position = "0,0";
|
||||
};
|
||||
};
|
||||
|
||||
workspaceOutputAssign =
|
||||
(
|
||||
map
|
||||
(ws: {
|
||||
output = "GIGA-BYTE TECHNOLOGY CO., LTD. AORUS FO48U 23070B000307";
|
||||
workspace = toString ws;
|
||||
})
|
||||
(lib.range 1 7)
|
||||
)
|
||||
++ (
|
||||
map
|
||||
(ws: {
|
||||
output = "Dell Inc. DELL U2720Q D3TM623";
|
||||
workspace = toString ws;
|
||||
})
|
||||
(lib.range 8 9)
|
||||
);
|
||||
};
|
||||
};
|
||||
|
||||
ssbm = {
|
||||
slippi-launcher = {
|
||||
isoPath = "${config.home.homeDirectory}/../games/roms/dolphin/melee.iso";
|
||||
};
|
||||
};
|
||||
}
|
|
@ -1,79 +0,0 @@
|
|||
{
|
||||
programs.eww = {
|
||||
enable = true;
|
||||
};
|
||||
|
||||
home.file.".config/eww/eww.yuck" = {
|
||||
enable = true;
|
||||
text = ''
|
||||
(defwidget bar []
|
||||
(centerbox :orientation "h"
|
||||
(sidestuff)
|
||||
(box)
|
||||
(music)))
|
||||
|
||||
(defwindow bar
|
||||
:monitor 0
|
||||
:stacking "fg"
|
||||
:exclusive true
|
||||
:geometry
|
||||
(geometry
|
||||
:x "0%"
|
||||
:y "0%"
|
||||
:width "100%"
|
||||
:height "31px"
|
||||
:anchor "bottom center")
|
||||
(bar))
|
||||
|
||||
(defwidget sidestuff []
|
||||
(box :class "sidestuff" :orientation "h" :space-evenly false :halign "start" :spacing 20
|
||||
time
|
||||
; TODO: idle inhibitor?
|
||||
; TODO: get these to align properly?
|
||||
(box :class "mic" (
|
||||
box :class {micMuted == "false" ? "live" : "muted"} {micMuted == "false" ? " " : " "}
|
||||
) {micVolume + "%"}
|
||||
)
|
||||
(box :class "vol" (
|
||||
box :class {muted == "false" ? "live" : "muted"} {muted == "false" ? " " : " "}
|
||||
) {volume + "%"}
|
||||
)
|
||||
{" " + round(EWW_CPU["avg"], 0) + "%"}
|
||||
{" " + round(EWW_RAM["used_mem_perc"], 0) + "%"}
|
||||
{isDesktop == "true" ? "" : " " + brightness + "%"}
|
||||
{isDesktop == "true" ? "" : " " + EWW_BATTERY["BAT0"]["capacity"] + "%/" + EWW_BATTERY["BAT1"]["capacity"] + "%"}
|
||||
))
|
||||
|
||||
(defwidget music []
|
||||
(box :class "music"
|
||||
:orientation "h"
|
||||
:halign "end"
|
||||
:space-evenly false
|
||||
{music != "" ? "''${music}" : ""}))
|
||||
|
||||
(deflisten music :initial ""
|
||||
"playerctl --follow metadata --format '{{ title }} by {{ artist }}' || true")
|
||||
|
||||
(deflisten volume :initial "0"
|
||||
"pamixer --get-volume; pactl subscribe | grep sink --line-buffered | while read i; do pamixer --get-volume; done")
|
||||
|
||||
(deflisten muted :initial "false"
|
||||
"pamixer --get-mute; pactl subscribe | grep sink --line-buffered | while read i; do pamixer --get-mute; done")
|
||||
|
||||
(deflisten micVolume :initial "0"
|
||||
"pamixer --default-source --get-volume; pactl subscribe | grep source --line-buffered | while read i; do pamixer --default-source --get-volume; done")
|
||||
|
||||
(deflisten micMuted :initial "false"
|
||||
"pamixer --default-source --get-mute; pactl subscribe | grep source --line-buffered | while read i; do pamixer --default-source --get-mute; done")
|
||||
|
||||
(defpoll time :interval "1s"
|
||||
"date '+%a %b %d %H:%M:%S'")
|
||||
|
||||
(defpoll isDesktop :interval "24h"
|
||||
"if [ -d \"$HOME/.config/lytedev-env/host-desktop\" ]; then echo true; else echo false; fi")
|
||||
|
||||
(defpoll brightness :interval "10s"
|
||||
"echo $(((100 * $(brightnessctl get)) / $(brightnessctl max)))")
|
||||
'';
|
||||
};
|
||||
}
|
|
@ -38,8 +38,8 @@ $rosewater: #f5e0dc;
|
|||
font-size: 12.0pt;
|
||||
}
|
||||
|
||||
.sidestuff slider {
|
||||
color: #ffd5cd;
|
||||
.leftsidestuff slider {
|
||||
color: $sapphire;
|
||||
}
|
||||
|
||||
.metric {}
|
||||
|
@ -75,10 +75,34 @@ $rosewater: #f5e0dc;
|
|||
|
||||
.vol .muted,
|
||||
.mic .live {
|
||||
color: #f38ba8;
|
||||
color: $red;
|
||||
}
|
||||
|
||||
.vol .live,
|
||||
.mic .muted {
|
||||
color: #74c7ec;
|
||||
color: $sapphire;
|
||||
}
|
||||
|
||||
.workspace {
|
||||
/* height: 100%; */
|
||||
padding-left: 10px;
|
||||
padding-right: 10px;
|
||||
color: #666666;
|
||||
}
|
||||
|
||||
.workspace.occupied {
|
||||
color: $text;
|
||||
}
|
||||
|
||||
.workspace.occupied.active,
|
||||
.workspace.active {
|
||||
color: $base;
|
||||
background-color: $subtext1;
|
||||
}
|
||||
|
||||
.workspace.occupied.focused.active,
|
||||
.workspace.occupied.focused,
|
||||
.workspace.focused {
|
||||
color: $base;
|
||||
background-color: $sapphire;
|
||||
}
|
|
@ -1,8 +1,9 @@
|
|||
(defwidget bar []
|
||||
(centerbox :orientation "h"
|
||||
(sidestuff)
|
||||
(leftsidestuff)
|
||||
(box)
|
||||
(music)))
|
||||
(rightsidestuff)
|
||||
))
|
||||
|
||||
(defwindow bar0
|
||||
:monitor 0
|
||||
|
@ -13,7 +14,7 @@
|
|||
:x "0%"
|
||||
:y "0%"
|
||||
:width "100%"
|
||||
:height "31px"
|
||||
:height "32px"
|
||||
:anchor "bottom center")
|
||||
(bar))
|
||||
|
||||
|
@ -26,27 +27,35 @@
|
|||
:x "0%"
|
||||
:y "0%"
|
||||
:width "100%"
|
||||
:height "31px"
|
||||
:height "32px"
|
||||
:anchor "bottom center")
|
||||
(bar))
|
||||
|
||||
(defwidget sidestuff []
|
||||
(box :class "sidestuff" :orientation "h" :space-evenly false :halign "start" :spacing 20
|
||||
(defwidget rightsidestuff []
|
||||
(box :class "rightsidestuff" :orientation "h" :space-evenly false :halign "end" :valign "center" :spacing 10
|
||||
(music)
|
||||
(systray)
|
||||
))
|
||||
|
||||
(defwidget leftsidestuff []
|
||||
(box :class "leftsidestuff" :orientation "h" :space-evenly false :halign "start" :valign "center" :spacing 10
|
||||
time
|
||||
; TODO: idle inhibitor?
|
||||
; TODO: get these to align properly?
|
||||
; TODO: get these to align properly? icons seem lower than they should be?
|
||||
(box :class "mic" (
|
||||
box :class {micMuted == "false" ? "live" : "muted"} {micMuted == "false" ? " " : " "}
|
||||
) {micVolume + "%"}
|
||||
) {"${micVolume}%"}
|
||||
)
|
||||
(box :class "vol" (
|
||||
box :class {muted == "false" ? "live" : "muted"} {muted == "false" ? " " : " "}
|
||||
) {volume + "%"}
|
||||
) {"${volume}%"}
|
||||
)
|
||||
{" " + round(EWW_CPU["avg"], 0) + "%"}
|
||||
{" " + round(EWW_RAM["used_mem_perc"], 0) + "%"}
|
||||
{isDesktop == "true" ? "" : " " + brightness + "%"}
|
||||
{isDesktop == "true" ? "" : " " + EWW_BATTERY["BAT1"]["capacity"] + "%"}
|
||||
{" ${round(EWW_CPU["avg"], 0)}%"}
|
||||
{" ${round(EWW_RAM["used_mem_perc"], 0)}%"}
|
||||
; TODO: have these "widgets" be omitted entirely instead of just empty strings
|
||||
{(showBrightness == "true") ? (" ${brightness}%") : ""}
|
||||
{(showBattery == "true") ? (" ${EWW_BATTERY["BAT1"]["capacity"]}% (${batteryTime})") : ""}
|
||||
(box :orientation "h" :space-evenly false :halign "start" :valign "center" (workspaces))
|
||||
))
|
||||
|
||||
(defwidget music []
|
||||
|
@ -71,14 +80,26 @@
|
|||
(deflisten micMuted :initial "false"
|
||||
"pamixer --default-source --get-mute; pactl subscribe | grep source --line-buffered | while read i; do pamixer --default-source --get-mute; done")
|
||||
|
||||
; "upower -d | rg '\\s*(time to empty|time to full):\\s*(\\d.*)\$' -r '\$2'; upower --monitor-detail | rg '\\s*(time to empty|time to full):\\s*(\\d.*)\$' -r '\$2'")
|
||||
|
||||
; (deflisten batteryTime :initial "unknown"
|
||||
; "upower -d | rg '\s*time to empty:\s*(\d.*)\$' -r '\$1'; upower --monitor-detail | rg '\\s*time to empty:\\s*(\\d.*)\$' -r '\$1'")
|
||||
|
||||
(defpoll time :interval "1s"
|
||||
"date '+%a %b %d %H:%M:%S'")
|
||||
|
||||
(defpoll isDesktop :interval "24h"
|
||||
"if [ -d \"$HOME/.config/lytedev-env/host-desktop\" ]; then echo true; else echo false; fi")
|
||||
(defpoll showBrightness :interval "24h"
|
||||
; if we have at least one file in /sys/class/backlight, we should try and show brightness
|
||||
"if [ \"$(find /sys/class/backlight -mindepth 1 -maxdepth 1 | head -n 1 | wc -l)\" == \"1\" ]; then echo true; else echo false; fi")
|
||||
|
||||
(defpoll showBattery :interval "24h"
|
||||
; if we have at least one battery in /sys/class/power_supply, we should try and show battery levels
|
||||
"if find /sys/class/power_supply -mindepth 1 -maxdepth 1 2>&1 | rg '\/sys\/class\/power_supply\/BAT' 2>&1 > /dev/null; then echo true; else echo false; fi")
|
||||
|
||||
(defpoll brightness :interval "10s"
|
||||
"echo $(((100 * $(brightnessctl get)) / $(brightnessctl max)))")
|
||||
|
||||
(defpoll monitor :interval "60s"
|
||||
"echo $EWW_BAR_MON")
|
||||
(deflisten batteryTime :initial "unknown" "scripts/battery-time.bash")
|
||||
|
||||
(deflisten workspace "scripts/hypr-workspaces.bash")
|
||||
(defwidget workspaces [] (literal :content workspace))
|
||||
|
|
3
modules/home-manager/eww/scripts/battery-time.bash
Executable file
3
modules/home-manager/eww/scripts/battery-time.bash
Executable file
|
@ -0,0 +1,3 @@
|
|||
#!/usr/bin/env bash
|
||||
{ upower -d; upower --monitor-detail; } \
|
||||
| rg '\s*time to.*:\s*(\d.*)\s*$' -r '$1'
|
70
modules/home-manager/eww/scripts/hypr-workspaces.bash
Executable file
70
modules/home-manager/eww/scripts/hypr-workspaces.bash
Executable file
|
@ -0,0 +1,70 @@
|
|||
#!/usr/bin/env bash
|
||||
|
||||
# TODO: we're mixing bash arrays and not-arrays - get it together
|
||||
|
||||
#define icons for workspaces 1-9
|
||||
ic=(1 2 3 4 5 6 7 8 9)
|
||||
|
||||
occ() { export o"$1"="occupied"; }
|
||||
unocc() { unset -v o"$1"; }
|
||||
|
||||
active() { export a"$1"="active"; }
|
||||
unactive() { unset -v a"$1"; }
|
||||
|
||||
focus() { export f"$1"="focused"; }
|
||||
unfocus() { unset -v f"$1"; }
|
||||
|
||||
workspaces() {
|
||||
for num in 1 2 3 4 5 6 7 8 9; do
|
||||
unfocus $num
|
||||
unactive $num
|
||||
unocc $num
|
||||
done
|
||||
|
||||
# TODO: avoid recomputing these each time and actually listen to the events?
|
||||
mons_json=$(hyprctl monitors -j)
|
||||
for num in $(hyprctl workspaces -j | jq -r '.[] | select(.windows > 0) | .id'); do
|
||||
occ "$num"
|
||||
done
|
||||
|
||||
for num in $(echo "$mons_json" | jq -r '.[].activeWorkspace.id'); do
|
||||
active "$num"
|
||||
done
|
||||
|
||||
for num in $(echo "$mons_json" | jq -r '.[] | select(.focused) | .activeWorkspace.id'); do
|
||||
focus "$num"
|
||||
done
|
||||
|
||||
# TODO: would be nice to have monitors' workspaces show up in left-to-right
|
||||
# order as laid out in physical/pixel space
|
||||
# this would make glancing at the workspace indicator more intuitive
|
||||
# TODO: might be nice to exclude certain windows as counting towards "occupation" such as xwaylandvideobridge or w/e
|
||||
# NOTE: maybe I can group workspaces by their monitor with some mechanism for "unassigned" workspace to show up by a "primary" monitor
|
||||
|
||||
# render eww widget
|
||||
echo "(eventbox :onscroll \"echo {} | sed -e 's/up/-1/g' -e 's/down/+1/g' | xargs hyprctl dispatch workspace\" \
|
||||
(box :class \"workspaces\" :orientation \"h\" :spacing 0 :space-evenly \"true\" \
|
||||
(button :onclick \"hyprctl dispatch workspace 1\" :onrightclick \"hyprctl dispatch workspace 1\" :class \"workspace $a1 $o1 $f1\" \"${ic[0]}\") \
|
||||
(button :onclick \"hyprctl dispatch workspace 2\" :onrightclick \"hyprctl dispatch workspace 2\" :class \"workspace $a2 $o2 $f2\" \"${ic[1]}\") \
|
||||
(button :onclick \"hyprctl dispatch workspace 3\" :onrightclick \"hyprctl dispatch workspace 3\" :class \"workspace $a3 $o3 $f3\" \"${ic[2]}\") \
|
||||
(button :onclick \"hyprctl dispatch workspace 4\" :onrightclick \"hyprctl dispatch workspace 4\" :class \"workspace $a4 $o4 $f4\" \"${ic[3]}\") \
|
||||
(button :onclick \"hyprctl dispatch workspace 5\" :onrightclick \"hyprctl dispatch workspace 5\" :class \"workspace $a5 $o5 $f5\" \"${ic[4]}\") \
|
||||
(button :onclick \"hyprctl dispatch workspace 6\" :onrightclick \"hyprctl dispatch workspace 6\" :class \"workspace $a6 $o6 $f6\" \"${ic[5]}\") \
|
||||
(button :onclick \"hyprctl dispatch workspace 7\" :onrightclick \"hyprctl dispatch workspace 7\" :class \"workspace $a7 $o7 $f7\" \"${ic[6]}\") \
|
||||
(button :onclick \"hyprctl dispatch workspace 8\" :onrightclick \"hyprctl dispatch workspace 8\" :class \"workspace $a8 $o8 $f8\" \"${ic[7]}\") \
|
||||
(button :onclick \"hyprctl dispatch workspace 9\" :onrightclick \"hyprctl dispatch workspace 9\" :class \"workspace $a9 $o9 $f9\" \"${ic[8]}\") \
|
||||
) \
|
||||
)"
|
||||
}
|
||||
|
||||
# initial render
|
||||
workspaces
|
||||
|
||||
# listen to events and re-render
|
||||
while true; do
|
||||
# TODO: not sure why this socat | read invocation seems to stop?
|
||||
socat - "UNIX-CONNECT:$XDG_RUNTIME_DIR/hypr/$HYPRLAND_INSTANCE_SIGNATURE/.socket2.sock" | while read -r line; do
|
||||
workspaces "$line"
|
||||
done
|
||||
done
|
||||
echo '(box "DONE")'
|
|
@ -1,7 +0,0 @@
|
|||
{pkgs, ...}: {
|
||||
programs.eww = {
|
||||
enable = true;
|
||||
package = pkgs.eww-wayland;
|
||||
configDir = ./eww;
|
||||
};
|
||||
}
|
|
@ -1,52 +0,0 @@
|
|||
{pkgs, ...}: {
|
||||
programs.firefox = {
|
||||
# TODO: this should be able to work on macos, no?
|
||||
# TODO: enable dark theme by default
|
||||
enable = true;
|
||||
|
||||
# TODO: uses nixpkgs.pass so pass otp doesn't work
|
||||
package = pkgs.firefox.override {nativeMessagingHosts = [pkgs.passff-host];};
|
||||
|
||||
# extensions = with pkgs.nur.repos.rycee.firefox-addons; [
|
||||
# ublock-origin
|
||||
# ]; # TODO: would be nice to have _all_ my firefox stuff managed here instead of Firefox Sync maybe?
|
||||
|
||||
profiles = {
|
||||
daniel = {
|
||||
id = 0;
|
||||
settings = {
|
||||
"general.smoothScroll" = true;
|
||||
};
|
||||
|
||||
extraConfig = ''
|
||||
user_pref("toolkit.legacyUserProfileCustomizations.stylesheets", true);
|
||||
// user_pref("full-screen-api.ignore-widgets", true);
|
||||
user_pref("media.ffmpeg.vaapi.enabled", true);
|
||||
user_pref("media.rdd-vpx.enabled", true);
|
||||
'';
|
||||
|
||||
userChrome = ''
|
||||
#TabsToolbar {
|
||||
visibility: collapse;
|
||||
}
|
||||
|
||||
#webrtcIndicator {
|
||||
display: none;
|
||||
}
|
||||
|
||||
#main-window[tabsintitlebar="true"]:not([extradragspace="true"]) #TabsToolbar>.toolbar-items {
|
||||
opacity: 0;
|
||||
pointer-events: none;
|
||||
}
|
||||
|
||||
#main-window:not([tabsintitlebar="true"]) #TabsToolbar {
|
||||
visibility: collapse !important;
|
||||
}
|
||||
'';
|
||||
|
||||
# userContent = ''
|
||||
# '';
|
||||
};
|
||||
};
|
||||
};
|
||||
}
|
|
@ -1,78 +0,0 @@
|
|||
{
|
||||
programs.fish = {
|
||||
enable = true;
|
||||
# I load long scripts from files for a better editing experience
|
||||
shellInit = builtins.readFile ./fish/shellInit.fish;
|
||||
interactiveShellInit = builtins.readFile ./fish/interactiveShellInit.fish;
|
||||
loginShellInit = "";
|
||||
functions = {
|
||||
# TODO: I think these should be loaded from fish files too for better editor experience?
|
||||
d = ''
|
||||
# --wraps=cd --description "Quickly jump to NICE_HOME (or given relative or absolute path) and list files."
|
||||
if count $argv > /dev/null
|
||||
cd $argv
|
||||
else
|
||||
cd $NICE_HOME
|
||||
end
|
||||
la
|
||||
'';
|
||||
|
||||
c = ''
|
||||
if count $argv > /dev/null
|
||||
cd $NICE_HOME && d $argv
|
||||
else
|
||||
d $NICE_HOME
|
||||
end
|
||||
'';
|
||||
|
||||
ltl = ''
|
||||
set d $argv[1] .
|
||||
set -l l ""
|
||||
for f in $d[1]/*
|
||||
if test -z $l; set l $f; continue; end
|
||||
if command test $f -nt $l; and test ! -d $f
|
||||
set l $f
|
||||
end
|
||||
end
|
||||
echo $l
|
||||
'';
|
||||
|
||||
has_command = "command --quiet --search $argv[1]";
|
||||
};
|
||||
shellAbbrs = {};
|
||||
shellAliases = {
|
||||
l = "br";
|
||||
ls = "eza --group-directories-first --classify";
|
||||
la = "eza -la --group-directories-first --classify";
|
||||
lA = "eza -la --all --group-directories-first --classify";
|
||||
tree = "eza --tree --level=3";
|
||||
lt = "eza -l --sort=modified";
|
||||
lat = "eza -la --sort=modified";
|
||||
lc = "lt --sort=accessed";
|
||||
lT = "lt --reverse";
|
||||
lC = "lc --reverse";
|
||||
lD = "la --only-dirs";
|
||||
"cd.." = "d ..";
|
||||
"cdc" = "d $XDG_CONFIG_HOME";
|
||||
"cdn" = "d $NOTES_PATH";
|
||||
"cdl" = "d $XDG_DOWNLOAD_DIR";
|
||||
"cdg" = "d $XDG_GAMES_DIR";
|
||||
".." = "d ..";
|
||||
"..." = "d ../..";
|
||||
"...." = "d ../../..";
|
||||
"....." = "d ../../../..";
|
||||
"......" = "d ../../../../..";
|
||||
"......." = "d ../../../../../..";
|
||||
"........" = "d ../../../../../../..";
|
||||
"........." = "d ../../../../../../../..";
|
||||
p = "ping";
|
||||
dc = "docker compose";
|
||||
pc = "podman-compose";
|
||||
k = "kubectl";
|
||||
kg = "kubectl get";
|
||||
v = "$EDITOR";
|
||||
sv = "sudo $EDITOR";
|
||||
kssh = "kitty +kitten ssh";
|
||||
};
|
||||
};
|
||||
}
|
|
@ -14,19 +14,24 @@ function fish_greeting
|
|||
end
|
||||
|
||||
function preprocess_pwd
|
||||
test (pwd) = / && echo "/" && return 1
|
||||
test (pwd) = / && echo / && return 1
|
||||
test (pwd) = $NICE_HOME && echo "~" && return 0
|
||||
pwd \
|
||||
| cut -c2- \
|
||||
| gawk '{n=split($0,p,"/");for(i=1;i<=n;i++){if(i==n){printf "/%s",p[i]}else{printf "/%.3s",p[i]}}}'
|
||||
end
|
||||
|
||||
function _maybe_sudo_prefix
|
||||
function _maybe_elevated_access_prefix
|
||||
if set -q SUDO_USER
|
||||
set_color -b yellow black
|
||||
printf " SUDO "
|
||||
set_color -b normal normal
|
||||
printf " "
|
||||
else if test $USER = root
|
||||
set_color -b red black
|
||||
printf " ROOT "
|
||||
set_color -b normal normal
|
||||
printf " "
|
||||
end
|
||||
end
|
||||
|
||||
|
@ -56,6 +61,9 @@ end
|
|||
function _last_cmd_duration
|
||||
set_color -b normal green
|
||||
set -q CMD_DURATION && printf " %dms" $CMD_DURATION
|
||||
if test $CMD_DURATION -gt 5000
|
||||
printf "\e]777;notify;%s;%s\e\\" "WezTerm: Command Finished" (history --max 1)
|
||||
end
|
||||
end
|
||||
|
||||
function _maybe_jobs_summary
|
||||
|
@ -111,7 +119,7 @@ function fish_prompt
|
|||
set last_cmd_status $status
|
||||
_prompt_marker
|
||||
_prompt_prefix
|
||||
_maybe_sudo_prefix
|
||||
_maybe_elevated_access_prefix
|
||||
_user_and_host $last_cmd_status
|
||||
_cur_work_dir
|
||||
_maybe_git_summary
|
||||
|
@ -121,8 +129,10 @@ function fish_prompt
|
|||
_user_prompt
|
||||
end
|
||||
|
||||
function fish_mode_prompt; end
|
||||
function fish_right_prompt; end
|
||||
function fish_mode_prompt
|
||||
end
|
||||
function fish_right_prompt
|
||||
end
|
||||
|
||||
# key bindings
|
||||
fish_vi_key_bindings
|
||||
|
@ -137,15 +147,19 @@ bind --mode insert --sets-mode default jk repaint
|
|||
bind --mode insert --sets-mode default jK repaint
|
||||
bind --mode insert --sets-mode default Jk repaint
|
||||
bind --mode insert --sets-mode default JK repaint
|
||||
bind --mode insert --sets-mode default jj repaint
|
||||
bind --mode insert --sets-mode default jJ repaint
|
||||
bind --mode insert --sets-mode default Jj repaint
|
||||
bind --mode insert --sets-mode default JJ repaint
|
||||
# bind --mode insert --sets-mode default jj repaint
|
||||
# bind --mode insert --sets-mode default jJ repaint
|
||||
# bind --mode insert --sets-mode default Jj repaint
|
||||
# bind --mode insert --sets-mode default JJ repaint
|
||||
|
||||
if has_command skim
|
||||
bind -M insert \cg skim-cd-widget
|
||||
end
|
||||
|
||||
if has_command fzf
|
||||
bind -M insert \cg fzf-cd-widget
|
||||
end
|
||||
|
||||
bind -M insert \cp up-or-search
|
||||
bind -M insert \cn down-or-search
|
||||
bind -M insert \ce end-of-line
|
||||
|
|
|
@ -33,7 +33,7 @@ set --export --universal EXA_COLORS '*=0'
|
|||
|
||||
set --export --universal ERL_AFLAGS "-kernel shell_history enabled -kernel shell_history_file_bytes 1024000"
|
||||
|
||||
set --export --universal BROWSER firefox
|
||||
set --export --universal BROWSER (which firefox)
|
||||
|
||||
set --export --universal SOPS_AGE_KEY_FILE "$XDG_CONFIG_HOME/sops/age/keys.txt"
|
||||
|
||||
|
@ -42,6 +42,8 @@ if has_command skim
|
|||
set --export --universal SKIM_CTRL_T_COMMAND "fd --hidden"
|
||||
end
|
||||
|
||||
set --export --universal NEWT_COLORS "root=black,black:border=black,blue"
|
||||
|
||||
# colors
|
||||
set -U fish_color_normal normal # default color
|
||||
set -U fish_color_command white # base command being run (>ls< -la)
|
||||
|
@ -66,6 +68,10 @@ set -U fish_pager_color_prefix blue # the string being completed
|
|||
set -U fish_pager_color_progress white\x1e\x2d\x2dbackground\x3d333 # status indicator at the bottom
|
||||
# set -U fish_pager_color_secondary \x2d\x2dbackground\x3d181818 # alternating rows
|
||||
|
||||
if test -e '/nix/var/nix/profiles/default/etc/profile.d/nix-daemon.fish'
|
||||
source '/nix/var/nix/profiles/default/etc/profile.d/nix-daemon.fish'
|
||||
end
|
||||
|
||||
function has_command --wraps=command --description "Exits non-zero if the given command cannot be found"
|
||||
command --quiet --search $argv[1]
|
||||
end
|
||||
|
@ -74,6 +80,9 @@ if has_command rtx
|
|||
rtx activate fish | source
|
||||
end
|
||||
|
||||
for dir in ~/.cargo/bin ~/.nimble/bin ~/.local/bin
|
||||
fish_add_path $dir
|
||||
for dir in ~/.cargo/bin ~/.nimble/bin ~/.local/bin /opt/homebrew/bin
|
||||
test -d $dir && fish_add_path $dir
|
||||
end
|
||||
|
||||
# don't let other users read my files by default
|
||||
umask 077
|
||||
|
|
|
@ -1,33 +0,0 @@
|
|||
{outputs, ...}: let
|
||||
scale = 1.25;
|
||||
in {
|
||||
imports = with outputs.homeManagerModules; [
|
||||
sway
|
||||
sway-laptop
|
||||
# hyprland
|
||||
];
|
||||
|
||||
home = {
|
||||
stateVersion = "24.05";
|
||||
};
|
||||
|
||||
wayland.windowManager.hyprland = {
|
||||
settings = {
|
||||
# See https://wiki.hyprland.org/Configuring/Keywords/ for more
|
||||
monitor = [
|
||||
"eDP-1,2256x1504@60,0x0,${toString scale}"
|
||||
];
|
||||
};
|
||||
};
|
||||
|
||||
wayland.windowManager.sway = {
|
||||
config = {
|
||||
output = {
|
||||
"BOE 0x0BCA Unknown" = {
|
||||
mode = "2256x1504@60Hz";
|
||||
scale = toString scale;
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
}
|
|
@ -1,84 +0,0 @@
|
|||
{lib, ...}: let
|
||||
email = lib.mkDefault "daniel@lyte.dev";
|
||||
in {
|
||||
programs.git = {
|
||||
enable = true;
|
||||
|
||||
userEmail = email;
|
||||
userName = lib.mkDefault "Daniel Flanagan";
|
||||
|
||||
delta = {
|
||||
enable = true;
|
||||
options = {};
|
||||
};
|
||||
|
||||
lfs = {
|
||||
enable = true;
|
||||
};
|
||||
|
||||
signing = {
|
||||
signByDefault = true;
|
||||
key = email;
|
||||
};
|
||||
|
||||
aliases = {
|
||||
a = "add -A";
|
||||
ac = "commit -a";
|
||||
b = "rev-parse --symbolic-full-name HEAD";
|
||||
c = "commit";
|
||||
cm = "commit -m";
|
||||
cnv = "commit --no-verify";
|
||||
co = "checkout";
|
||||
d = "diff";
|
||||
ds = "diff --staged";
|
||||
dt = "difftool";
|
||||
f = "fetch";
|
||||
l = "log --graph --abbrev-commit --decorate --oneline --all";
|
||||
plainlog = " log --pretty=format:'%h %ad%x09%an%x09%s' --date=short --decorate";
|
||||
ls = "ls-files";
|
||||
mm = "merge master";
|
||||
p = "push";
|
||||
pf = "push --force-with-lease";
|
||||
pl = "pull";
|
||||
rim = "rebase -i master";
|
||||
s = "status";
|
||||
};
|
||||
|
||||
extraConfig = {
|
||||
push = {
|
||||
autoSetupRemote = true;
|
||||
};
|
||||
|
||||
branch = {
|
||||
autoSetupMerge = true;
|
||||
};
|
||||
|
||||
sendemail = {
|
||||
smtpserver = "smtp.mailgun.org";
|
||||
smtpuser = email;
|
||||
smtrpencryption = "tls";
|
||||
smtpserverport = 587;
|
||||
};
|
||||
|
||||
url = {
|
||||
# TODO: how to have per-machine not-in-git configuration?
|
||||
"git@git.hq.bill.com:" = {
|
||||
insteadOf = "https://git.hq.bill.com";
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
programs.fish.functions = {
|
||||
g = {
|
||||
wraps = "git";
|
||||
body = ''
|
||||
if test (count $argv) -gt 0
|
||||
git $argv
|
||||
else
|
||||
git status
|
||||
end
|
||||
'';
|
||||
};
|
||||
};
|
||||
}
|
|
@ -1,459 +0,0 @@
|
|||
{
|
||||
inputs,
|
||||
colors,
|
||||
system,
|
||||
...
|
||||
}: {
|
||||
programs.helix = {
|
||||
enable = true;
|
||||
package = inputs.helix.packages.${system}.helix;
|
||||
languages = {
|
||||
language-server = {
|
||||
lexical = {
|
||||
command = "lexical";
|
||||
args = ["start"];
|
||||
};
|
||||
|
||||
# next-ls = {
|
||||
# command = "next-ls";
|
||||
# args = ["--stdout"];
|
||||
# };
|
||||
|
||||
# deno = {
|
||||
# command = "deno";
|
||||
# args = ["lsp"];
|
||||
# config = {
|
||||
# enable = true;
|
||||
# lint = true;
|
||||
# unstable = true;
|
||||
# };
|
||||
# };
|
||||
};
|
||||
|
||||
language = [
|
||||
{
|
||||
name = "elixir";
|
||||
language-servers = ["lexical"]; # "lexical" "next-ls" ?
|
||||
auto-format = true;
|
||||
}
|
||||
{
|
||||
name = "html";
|
||||
auto-format = false;
|
||||
}
|
||||
{
|
||||
name = "nix";
|
||||
auto-format = true;
|
||||
formatter = {
|
||||
command = "alejandra";
|
||||
args = ["-"];
|
||||
};
|
||||
}
|
||||
{
|
||||
name = "fish";
|
||||
auto-format = true;
|
||||
indent = {
|
||||
tab-width = 2;
|
||||
unit = "\t";
|
||||
};
|
||||
}
|
||||
|
||||
# {
|
||||
# name = "javascript";
|
||||
# language-id = "javascript";
|
||||
# grammar = "javascript";
|
||||
# scope = "source.js";
|
||||
# injection-regex = "^(js|javascript)$";
|
||||
# file-types = ["js" "mjs"];
|
||||
# shebangs = ["deno"];
|
||||
# language-servers = ["deno"];
|
||||
# roots = ["deno.jsonc" "deno.json"];
|
||||
# formatter = {
|
||||
# command = "deno";
|
||||
# args = ["fmt"];
|
||||
# };
|
||||
# auto-format = true;
|
||||
# comment-token = "//";
|
||||
# indent = {
|
||||
# tab-width = 2;
|
||||
# unit = "\t";
|
||||
# };
|
||||
# }
|
||||
|
||||
# {
|
||||
# name = "typescript";
|
||||
# language-id = "typescript";
|
||||
# grammar = "typescript";
|
||||
# scope = "source.ts";
|
||||
# injection-regex = "^(ts|typescript)$";
|
||||
# file-types = ["ts"];
|
||||
# shebangs = ["deno"];
|
||||
# language-servers = ["deno"];
|
||||
# roots = ["deno.jsonc" "deno.json"];
|
||||
# formatter = {
|
||||
# command = "deno";
|
||||
# args = ["fmt"];
|
||||
# };
|
||||
# auto-format = true;
|
||||
# comment-token = "//";
|
||||
# indent = {
|
||||
# tab-width = 2;
|
||||
# unit = "\t";
|
||||
# };
|
||||
# }
|
||||
|
||||
# {
|
||||
# name = "jsonc";
|
||||
# language-id = "json";
|
||||
# grammar = "jsonc";
|
||||
# scope = "source.jsonc";
|
||||
# injection-regex = "^(jsonc)$";
|
||||
# roots = ["deno.jsonc" "deno.json"];
|
||||
# file-types = ["jsonc"];
|
||||
# language-servers = ["deno"];
|
||||
# indent = {
|
||||
# tab-width = 2;
|
||||
# unit = " ";
|
||||
# };
|
||||
# auto-format = true;
|
||||
# }
|
||||
];
|
||||
};
|
||||
|
||||
settings = {
|
||||
theme = "custom";
|
||||
|
||||
editor = {
|
||||
soft-wrap.enable = true;
|
||||
auto-pairs = false;
|
||||
# auto-save = false;
|
||||
# completion-trigger-len = 1;
|
||||
# color-modes = false;
|
||||
bufferline = "multiple";
|
||||
# scrolloff = 8;
|
||||
rulers = [81 121];
|
||||
cursorline = true;
|
||||
|
||||
cursor-shape = {
|
||||
normal = "block";
|
||||
insert = "bar";
|
||||
select = "underline";
|
||||
};
|
||||
|
||||
file-picker.hidden = false;
|
||||
indent-guides = {
|
||||
render = true;
|
||||
character = "▏";
|
||||
};
|
||||
|
||||
lsp = {
|
||||
display-messages = true;
|
||||
# display-inlay-hints = true;
|
||||
};
|
||||
statusline = {
|
||||
separator = " ";
|
||||
mode = {
|
||||
"normal" = "N";
|
||||
"insert" = "I";
|
||||
"select" = "S";
|
||||
};
|
||||
left = [
|
||||
"file-name"
|
||||
"mode"
|
||||
# "selections"
|
||||
# "primary-selection-length"
|
||||
# "position"
|
||||
# "position-percentage"
|
||||
"spinner"
|
||||
"diagnostics"
|
||||
"workspace-diagnostics"
|
||||
];
|
||||
};
|
||||
# center = ["file-name"];
|
||||
# right = ["version-control" "total-line-numbers" "file-encoding"];
|
||||
# };
|
||||
};
|
||||
keys = {
|
||||
insert = {
|
||||
j = {
|
||||
k = "normal_mode";
|
||||
j = "normal_mode";
|
||||
K = "normal_mode";
|
||||
J = "normal_mode";
|
||||
};
|
||||
};
|
||||
|
||||
normal = {
|
||||
"C-k" = "jump_view_up";
|
||||
"C-j" = "jump_view_down";
|
||||
"C-h" = "jump_view_left";
|
||||
"C-l" = "jump_view_right";
|
||||
"C-q" = ":quit-all!";
|
||||
# "L" = "repeat_last_motion";
|
||||
space = {
|
||||
q = ":reflow 80";
|
||||
Q = ":reflow 120";
|
||||
C = ":bc!";
|
||||
h = ":toggle lsp.display-inlay-hints";
|
||||
# O = ["select_textobject_inner WORD", ":pipe-to xargs xdg-open"];
|
||||
};
|
||||
};
|
||||
|
||||
select = {
|
||||
space = {
|
||||
q = ":reflow 80";
|
||||
Q = ":reflow 120";
|
||||
};
|
||||
# "L" = "repeat_last_motion";
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
themes = with colors.withHashPrefix; {
|
||||
custom = {
|
||||
"type" = orange;
|
||||
|
||||
"constructor" = blue;
|
||||
|
||||
"constant" = orange;
|
||||
"constant.builtin" = orange;
|
||||
"constant.character" = yellow;
|
||||
"constant.character.escape" = orange;
|
||||
|
||||
"string" = green;
|
||||
"string.regexp" = orange;
|
||||
"string.special" = blue;
|
||||
|
||||
"comment" = {
|
||||
fg = fgdim;
|
||||
modifiers = ["italic"];
|
||||
};
|
||||
|
||||
"variable" = text;
|
||||
"variable.parameter" = {
|
||||
fg = red;
|
||||
modifiers = ["italic"];
|
||||
};
|
||||
"variable.builtin" = red;
|
||||
"variable.other.member" = text;
|
||||
|
||||
"label" = blue;
|
||||
|
||||
"punctuation" = fgdim;
|
||||
"punctuation.special" = blue;
|
||||
|
||||
"keyword" = purple;
|
||||
"keyword.storage.modifier.ref" = yellow;
|
||||
"keyword.control.conditional" = {
|
||||
fg = purple;
|
||||
modifiers = ["italic"];
|
||||
};
|
||||
|
||||
"operator" = blue;
|
||||
|
||||
"function" = blue;
|
||||
"function.macro" = purple;
|
||||
|
||||
"tag" = purple;
|
||||
"attribute" = blue;
|
||||
|
||||
"namespace" = {
|
||||
fg = blue;
|
||||
modifiers = ["italic"];
|
||||
};
|
||||
|
||||
"special" = blue;
|
||||
|
||||
"markup.heading.marker" = {
|
||||
fg = orange;
|
||||
modifiers = ["bold"];
|
||||
};
|
||||
"markup.heading.1" = blue;
|
||||
"markup.heading.2" = yellow;
|
||||
"markup.heading.3" = green;
|
||||
"markup.heading.4" = orange;
|
||||
"markup.heading.5" = red;
|
||||
"markup.heading.6" = fg3;
|
||||
"markup.list" = purple;
|
||||
"markup.bold" = {modifiers = ["bold"];};
|
||||
"markup.italic" = {modifiers = ["italic"];};
|
||||
"markup.strikethrough" = {modifiers = ["crossed_out"];};
|
||||
"markup.link.url" = {
|
||||
fg = red;
|
||||
modifiers = ["underlined"];
|
||||
};
|
||||
"markup.link.text" = blue;
|
||||
"markup.raw" = red;
|
||||
|
||||
"diff.plus" = green;
|
||||
"diff.minus" = red;
|
||||
"diff.delta" = blue;
|
||||
|
||||
"ui.linenr" = {fg = fgdim;};
|
||||
"ui.linenr.selected" = {fg = fg2;};
|
||||
|
||||
"ui.statusline" = {
|
||||
fg = fgdim;
|
||||
bg = bg;
|
||||
};
|
||||
"ui.statusline.inactive" = {
|
||||
fg = fg3;
|
||||
bg = bg2;
|
||||
};
|
||||
"ui.statusline.normal" = {
|
||||
fg = bg;
|
||||
bg = purple;
|
||||
modifiers = ["bold"];
|
||||
};
|
||||
"ui.statusline.insert" = {
|
||||
fg = bg;
|
||||
bg = green;
|
||||
modifiers = ["bold"];
|
||||
};
|
||||
"ui.statusline.select" = {
|
||||
fg = bg;
|
||||
bg = red;
|
||||
modifiers = ["bold"];
|
||||
};
|
||||
|
||||
"ui.popup" = {
|
||||
fg = text;
|
||||
bg = bg2;
|
||||
};
|
||||
"ui.window" = {fg = fgdim;};
|
||||
"ui.help" = {
|
||||
fg = fg2;
|
||||
bg = bg2;
|
||||
};
|
||||
|
||||
"ui.bufferline" = {
|
||||
fg = fgdim;
|
||||
bg = bg2;
|
||||
};
|
||||
"ui.bufferline.background" = {bg = bg2;};
|
||||
|
||||
"ui.text" = text;
|
||||
"ui.text.focus" = {
|
||||
fg = text;
|
||||
bg = bg3;
|
||||
modifiers = ["bold"];
|
||||
};
|
||||
"ui.text.inactive" = {fg = fg2;};
|
||||
|
||||
"ui.virtual" = fg2;
|
||||
"ui.virtual.ruler" = {bg = bg3;};
|
||||
"ui.virtual.indent-guide" = bg3;
|
||||
"ui.virtual.inlay-hint" = {
|
||||
fg = bg3;
|
||||
bg = bg;
|
||||
};
|
||||
|
||||
"ui.selection" = {bg = bg5;};
|
||||
|
||||
"ui.cursor" = {
|
||||
fg = bg;
|
||||
bg = text;
|
||||
};
|
||||
"ui.cursor.primary" = {
|
||||
fg = bg;
|
||||
bg = red;
|
||||
};
|
||||
"ui.cursor.match" = {
|
||||
fg = orange;
|
||||
modifiers = ["bold"];
|
||||
};
|
||||
|
||||
"ui.cursor.primary.normal" = {
|
||||
fg = bg;
|
||||
bg = text;
|
||||
};
|
||||
"ui.cursor.primary.insert" = {
|
||||
fg = bg;
|
||||
bg = text;
|
||||
};
|
||||
"ui.cursor.primary.select" = {
|
||||
fg = bg;
|
||||
bg = text;
|
||||
};
|
||||
|
||||
"ui.cursor.normal" = {
|
||||
fg = bg;
|
||||
bg = fg;
|
||||
};
|
||||
"ui.cursor.insert" = {
|
||||
fg = bg;
|
||||
bg = fg;
|
||||
};
|
||||
"ui.cursor.select" = {
|
||||
fg = bg;
|
||||
bg = fg;
|
||||
};
|
||||
|
||||
"ui.cursorline.primary" = {bg = bg3;};
|
||||
|
||||
"ui.highlight" = {
|
||||
bg = bg3;
|
||||
fg = bg;
|
||||
modifiers = ["bold"];
|
||||
};
|
||||
|
||||
"ui.menu" = {
|
||||
fg = fg3;
|
||||
bg = bg2;
|
||||
};
|
||||
"ui.menu.selected" = {
|
||||
fg = text;
|
||||
bg = bg3;
|
||||
modifiers = ["bold"];
|
||||
};
|
||||
|
||||
"diagnostic.error" = {
|
||||
underline = {
|
||||
color = red;
|
||||
style = "curl";
|
||||
};
|
||||
};
|
||||
"diagnostic.warning" = {
|
||||
underline = {
|
||||
color = orange;
|
||||
style = "curl";
|
||||
};
|
||||
};
|
||||
"diagnostic.info" = {
|
||||
underline = {
|
||||
color = blue;
|
||||
style = "curl";
|
||||
};
|
||||
};
|
||||
"diagnostic.hint" = {
|
||||
underline = {
|
||||
color = blue;
|
||||
style = "curl";
|
||||
};
|
||||
};
|
||||
|
||||
error = red;
|
||||
warning = orange;
|
||||
info = blue;
|
||||
hint = yellow;
|
||||
"ui.background" = {
|
||||
bg = bg;
|
||||
fg = fgdim;
|
||||
};
|
||||
|
||||
# "ui.cursorline.primary" = { bg = "default" }
|
||||
# "ui.cursorline.secondary" = { bg = "default" }
|
||||
"ui.cursorcolumn.primary" = {bg = bg3;};
|
||||
"ui.cursorcolumn.secondary" = {bg = bg3;};
|
||||
|
||||
"ui.bufferline.active" = {
|
||||
fg = primary;
|
||||
bg = bg3;
|
||||
underline = {
|
||||
color = primary;
|
||||
style = "";
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
}
|
|
@ -1,14 +0,0 @@
|
|||
{
|
||||
programs.htop = {
|
||||
enable = true;
|
||||
settings = {
|
||||
hide_kernel_threads = 1;
|
||||
hide_userland_threads = 1;
|
||||
show_program_path = 0;
|
||||
header_margin = 0;
|
||||
show_cpu_frequency = 1;
|
||||
highlight_base_name = 1;
|
||||
tree_view = 0;
|
||||
};
|
||||
};
|
||||
}
|
|
@ -1,12 +1,18 @@
|
|||
{
|
||||
outputs,
|
||||
colors,
|
||||
pkgs,
|
||||
style,
|
||||
config,
|
||||
lib,
|
||||
# font,
|
||||
...
|
||||
}: {
|
||||
imports = [outputs.homeManagerModules.ewwbar];
|
||||
}: let
|
||||
inherit (style) colors;
|
||||
in {
|
||||
# TODO: Hyprland seems to sometimes use a ton of CPU?
|
||||
|
||||
home.packages = with pkgs; [
|
||||
swayosd
|
||||
];
|
||||
|
||||
home.file."${config.xdg.configHome}/hypr/hyprpaper.conf" = {
|
||||
enable = true;
|
||||
|
@ -23,8 +29,6 @@
|
|||
monitor = [
|
||||
# See https://wiki.hyprland.org/Configuring/Monitors/
|
||||
",preferred,auto,auto"
|
||||
"desc:LG Display 0x0521,3840x2160@120,0x0,1"
|
||||
"desc:Dell Inc. DELL U2720Q D3TM623,3840x2160@60,3840x0,1.5,transform,3"
|
||||
];
|
||||
|
||||
xwayland = {
|
||||
|
@ -34,59 +38,39 @@
|
|||
exec-once = [
|
||||
"hyprpaper"
|
||||
"mako"
|
||||
"eww daemon && eww open bar$EWW_BAR_MON"
|
||||
"firefox"
|
||||
"kitty --single-instance"
|
||||
# "wezterm"
|
||||
(lib.concatStringsSep " " [
|
||||
"swayidle -w"
|
||||
"timeout 300 'notify-send \"Idling in 300 seconds\"'"
|
||||
"resume 'notify-send \"Idling cancelled.\"'"
|
||||
"timeout 480 'notify-send -u critical \"Idling in 120 seconds\"'"
|
||||
"timeout 510 'notify-send -u critical \"Idling in 90 seconds\"'"
|
||||
"timeout 540 'notify-send -u critical \"Idling in 60 seconds!\"'"
|
||||
"timeout 570 'notify-send -u critical \"Idling in 30 seconds!\"'"
|
||||
"timeout 590 'notify-send -u critical \"Idling in 10 seconds!\"'"
|
||||
"timeout 591 'notify-send -u critical \"Idling in 9 seconds!\"'"
|
||||
"timeout 592 'notify-send -u critical \"Idling in 8 seconds!\"'"
|
||||
"timeout 593 'notify-send -u critical \"Idling in 7 seconds!\"'"
|
||||
"timeout 594 'notify-send -u critical \"Idling in 6 seconds!\"'"
|
||||
"timeout 595 'notify-send -u critical \"Idling in 5 seconds!\"'"
|
||||
"timeout 596 'notify-send -u critical \"Idling in 4 seconds!\"'"
|
||||
"timeout 597 'notify-send -u critical \"Idling in 3 seconds!\"'"
|
||||
"timeout 598 'notify-send -u critical \"Idling in 2 seconds!\"'"
|
||||
"timeout 599 'notify-send -u critical \"Idling in 1 second!\"'"
|
||||
"timeout 600 'swaylock --daemonize'"
|
||||
"timeout 600 'hyprctl dispatch dpms off'"
|
||||
"resume 'hyprctl dispatch dpms on'"
|
||||
# "resume 'maybe-good-morning'"
|
||||
"before-sleep 'swaylock --daemonize'"
|
||||
])
|
||||
''swayidle -w timeout 600 'notify-send "Locking in 30 seconds..."' timeout 630 'swaylock -f' timeout 660 'hyprctl dispatch dpms off' resume 'hyprctl dispatch dpms on && maybe-good-morning' before-sleep 'swaylock -f'"''
|
||||
"dbus-update-activation-environment --systemd WAYLAND_DISPLAY XDG_CURRENT_DESKTOP"
|
||||
"swayosd-server"
|
||||
"eww daemon"
|
||||
"[workspace 1 silent] firefox"
|
||||
"[workspace 1 silent] wezterm"
|
||||
"xwaylandvideobridge"
|
||||
"systemctl --user import-environment QT_QPA_PLATFORMTHEME"
|
||||
"hypridle"
|
||||
];
|
||||
|
||||
env = [
|
||||
"XCURSOR_SIZE,24"
|
||||
"EWW_BAR_MON,0"
|
||||
];
|
||||
|
||||
input = {
|
||||
kb_layout = "us";
|
||||
kb_options = "ctrl:nocaps";
|
||||
# kb_variant =
|
||||
# kb_model =
|
||||
# kb_rules =
|
||||
|
||||
/*
|
||||
kb_variant =
|
||||
kb_model =
|
||||
kb_rules =
|
||||
*/
|
||||
|
||||
follow_mouse = 2;
|
||||
|
||||
repeat_delay = 200;
|
||||
repeat_rate = 60;
|
||||
repeat_delay = 180;
|
||||
repeat_rate = 120;
|
||||
|
||||
touchpad = {
|
||||
natural_scroll = "yes";
|
||||
tap-to-click = true;
|
||||
middle_button_emulation = true;
|
||||
disable_while_typing = false;
|
||||
};
|
||||
};
|
||||
|
||||
|
@ -99,6 +83,10 @@
|
|||
allow_workspace_cycles = true;
|
||||
};
|
||||
|
||||
cursor = {
|
||||
no_warps = true;
|
||||
};
|
||||
|
||||
general = {
|
||||
# See https://wiki.hyprland.org/Configuring/Variables/ for more
|
||||
"col.active_border" = "0xff${colors.primary} 0xff${colors.green} 45deg";
|
||||
|
@ -107,7 +95,6 @@
|
|||
gaps_in = 3;
|
||||
gaps_out = 6;
|
||||
border_size = 2;
|
||||
no_cursor_warps = true;
|
||||
resize_on_border = true;
|
||||
no_focus_fallback = true;
|
||||
|
||||
|
@ -115,107 +102,112 @@
|
|||
};
|
||||
|
||||
decoration = {
|
||||
rounding = 3;
|
||||
# blur = "no";
|
||||
# blur_size = 3
|
||||
# blur_passes = 1
|
||||
# blur_new_optimizations = on
|
||||
rounding = 5;
|
||||
|
||||
drop_shadow = "yes";
|
||||
shadow_range = 4;
|
||||
shadow_render_power = 3;
|
||||
"col.shadow" = "rgba(1a1a1aee)";
|
||||
/*
|
||||
blur = "no";
|
||||
blur_size = 3
|
||||
blur_passes = 1
|
||||
blur_new_optimizations = on
|
||||
*/
|
||||
|
||||
shadow = {
|
||||
enabled = true;
|
||||
color = "rgba(1a1a1aee)";
|
||||
range = 4;
|
||||
render_power = 3;
|
||||
};
|
||||
|
||||
dim_inactive = false;
|
||||
};
|
||||
|
||||
"$mainMod" = "SUPER";
|
||||
"$mod" = "SUPER";
|
||||
bind = [
|
||||
# See https://wiki.hyprland.org/Configuring/Keywords/ for more
|
||||
# "$mainMod, return, exec, wezterm"
|
||||
# "$mainMod SHIFT, return, exec, wezterm"
|
||||
"$mainMod, return, exec, kitty --single-instance"
|
||||
"$mainMod SHIFT, return, exec, kitty"
|
||||
"$mainMod, U, exec, firefox"
|
||||
"$mainMod, space, exec, wofi --show drun"
|
||||
"$mainMod, C, killactive,"
|
||||
"$mainMod, M, exit,"
|
||||
"$mainMod, E, exec, dolphin"
|
||||
"$mainMod, F, togglefloating,"
|
||||
"$mainMod SHIFT, F, fullscreen,"
|
||||
"$mainMod, R, exec, anyrun"
|
||||
"$mainMod, S, pseudo, # dwindle"
|
||||
"$mainMod, P, togglesplit, # dwindle"
|
||||
/*
|
||||
"$mod, return, exec, wezterm"
|
||||
"$mod SHIFT, return, exec, wezterm"
|
||||
*/
|
||||
"$mod, return, exec, wezterm"
|
||||
"$mod SHIFT, return, exec, kitty"
|
||||
"$mod, U, exec, firefox"
|
||||
"$mod, space, exec, tofi-run | xargs hyprctl dispatch exec --"
|
||||
"$mod, C, killactive,"
|
||||
"$mod SHIFT, E, exit,"
|
||||
"$mod, E, exec, dolphin"
|
||||
"$mod, F, togglefloating,"
|
||||
"$mod SHIFT, F, fullscreen,"
|
||||
"$mod, R, exec, anyrun"
|
||||
"$mod, S, pseudo, # dwindle"
|
||||
"$mod, P, togglesplit, # dwindle"
|
||||
|
||||
# Move focus with mod + arrow keys
|
||||
"$mod, left, movefocus, l"
|
||||
"$mod, right, movefocus, r"
|
||||
"$mod, up, movefocus, u"
|
||||
"$mod, down, movefocus, d"
|
||||
"$mod, h, movefocus, l"
|
||||
"$mod, l, movefocus, r"
|
||||
"$mod, k, movefocus, u"
|
||||
"$mod, j, movefocus, d"
|
||||
"$mod SHIFT, H, movewindow, l"
|
||||
"$mod SHIFT, L, movewindow, r"
|
||||
"$mod SHIFT, K, movewindow, u"
|
||||
"$mod SHIFT, J, movewindow, d"
|
||||
|
||||
"$mod SHIFT, V, exec, swayosd-client --input-volume mute-toggle"
|
||||
", XF86AudioMicMute, exec, swayosd-client --input-volume mute-toggle"
|
||||
", XF86AudioMute, exec, swayosd-client --output-volume mute-toggle"
|
||||
", XF86AudioRaiseVolume, exec, swayosd-client --output-volume raise"
|
||||
", XF86AudioLowerVolume, exec, swayosd-client --output-volume lower"
|
||||
|
||||
", XF86MonBrightnessUp, exec, swayosd-client --brightness raise"
|
||||
", XF86MonBrightnessDown, exec, swayosd-client --brightness lower"
|
||||
|
||||
# Move focus with mainMod + arrow keys
|
||||
"$mainMod, left, movefocus, l"
|
||||
"$mainMod, right, movefocus, r"
|
||||
"$mainMod, up, movefocus, u"
|
||||
"$mainMod, down, movefocus, d"
|
||||
"$mainMod, h, movefocus, l"
|
||||
"$mainMod, l, movefocus, r"
|
||||
"$mainMod, k, movefocus, u"
|
||||
"$mainMod, j, movefocus, d"
|
||||
"$mainMod SHIFT, H, swapwindow, l"
|
||||
"$mainMod SHIFT, L, swapwindow, r"
|
||||
"$mainMod SHIFT, K, swapwindow, u"
|
||||
"$mainMod SHIFT, J, swapwindow, d"
|
||||
"$mainMod SHIFT, V, exec, pamixer --default-source --toggle-mute"
|
||||
"$mainMod, F1, exec, pamixer --default-source --toggle-mute"
|
||||
", XF86AudioMicMute, exec, pamixer --default-source --toggle-mute"
|
||||
", XF86AudioMute, exec, pamixer --toggle-mute"
|
||||
", XF86AudioRaiseVolume, exec, pamixer --increase 5"
|
||||
", XF86AudioLowerVolume, exec, pamixer --decrease 5"
|
||||
"CTRL, XF86AudioRaiseVolume, exec, pamixer --increase 1"
|
||||
"CTRL, XF86AudioLowerVolume, exec, pamixer --decrease 1"
|
||||
", XF86AudioPlay, exec, playerctl play-pause"
|
||||
", XF86AudioNext, exec, playerctl next"
|
||||
", XF86AudioPrev, exec, playerctl previous"
|
||||
"$mainMod, tab, workspace, previous"
|
||||
|
||||
# Switch workspaces with mainMod + [0-9]
|
||||
"$mainMod, 1, workspace, 1"
|
||||
"$mainMod, 2, workspace, 2"
|
||||
"$mainMod, 3, workspace, 3"
|
||||
"$mainMod, 4, workspace, 4"
|
||||
"$mainMod, 5, workspace, 5"
|
||||
"$mainMod, 6, workspace, 6"
|
||||
"$mainMod, 7, workspace, 7"
|
||||
"$mainMod, 8, workspace, 8"
|
||||
"$mainMod, 9, workspace, 9"
|
||||
"$mainMod, 0, workspace, 10"
|
||||
"$mod, tab, workspace, previous"
|
||||
"ALT, tab, workspace, previous"
|
||||
|
||||
# Move active window to a workspace with mainMod + SHIFT + [0-9]
|
||||
"$mainMod SHIFT, 1, movetoworkspace, 1"
|
||||
"$mainMod SHIFT, 2, movetoworkspace, 2"
|
||||
"$mainMod SHIFT, 3, movetoworkspace, 3"
|
||||
"$mainMod SHIFT, 4, movetoworkspace, 4"
|
||||
"$mainMod SHIFT, 5, movetoworkspace, 5"
|
||||
"$mainMod SHIFT, 6, movetoworkspace, 6"
|
||||
"$mainMod SHIFT, 7, movetoworkspace, 7"
|
||||
"$mainMod SHIFT, 8, movetoworkspace, 8"
|
||||
"$mainMod SHIFT, 9, movetoworkspace, 9"
|
||||
"$mainMod SHIFT, 0, movetoworkspace, 10"
|
||||
", XF86MonBrightnessDown, exec, brightnessctl set 10%-"
|
||||
", XF86MonBrightnessUp, exec, brightnessctl set +10%"
|
||||
"SHIFT, XF86MonBrightnessDown, exec, brightnessctl set 1%"
|
||||
"SHIFT, XF86MonBrightnessUp, exec, brightnessctl set 100%"
|
||||
"CTRL, XF86MonBrightnessDown, exec, brightnessctl set 1%-"
|
||||
"CTRL, XF86MonBrightnessUp, exec, brightnessctl set +1%"
|
||||
"$mainMod SHIFT, S, exec, clipshot"
|
||||
# Switch workspaces with mod + [0-9]
|
||||
"$mod, 1, workspace, 1"
|
||||
"$mod, 2, workspace, 2"
|
||||
"$mod, 3, workspace, 3"
|
||||
"$mod, 4, workspace, 4"
|
||||
"$mod, 5, workspace, 5"
|
||||
"$mod, 6, workspace, 6"
|
||||
"$mod, 7, workspace, 7"
|
||||
"$mod, 8, workspace, 8"
|
||||
"$mod, 9, workspace, 9"
|
||||
"$mod, 0, workspace, 10"
|
||||
|
||||
# Scroll through existing workspaces with mainMod + scroll
|
||||
"$mainMod, mouse_down, workspace, e+1"
|
||||
"$mainMod, mouse_up, workspace, e-1"
|
||||
"CTRL SHIFT $mainMod, L, exec, swaylock"
|
||||
"$mainMod CTRL, space, exec, makoctl dismiss"
|
||||
"$mainMod SHIFT CTRL, space, exec, makoctl restore"
|
||||
"$mainMod SHIFT, space, exec, makoctl invoke"
|
||||
"$mainMod, E, exec, thunar"
|
||||
# Move active window to a workspace with mod + SHIFT + [0-9]
|
||||
"$mod SHIFT, 1, movetoworkspace, 1"
|
||||
"$mod SHIFT, 2, movetoworkspace, 2"
|
||||
"$mod SHIFT, 3, movetoworkspace, 3"
|
||||
"$mod SHIFT, 4, movetoworkspace, 4"
|
||||
"$mod SHIFT, 5, movetoworkspace, 5"
|
||||
"$mod SHIFT, 6, movetoworkspace, 6"
|
||||
"$mod SHIFT, 7, movetoworkspace, 7"
|
||||
"$mod SHIFT, 8, movetoworkspace, 8"
|
||||
"$mod SHIFT, 9, movetoworkspace, 9"
|
||||
"$mod SHIFT, 0, movetoworkspace, 10"
|
||||
"$mod SHIFT, S, exec, clipshot"
|
||||
|
||||
# Scroll through existing workspaces with mod + scroll
|
||||
"$mod, mouse_down, workspace, e+1"
|
||||
"$mod, mouse_up, workspace, e-1"
|
||||
"CTRL SHIFT $mod, L, exec, hyprlock"
|
||||
"$mod CTRL, space, exec, makoctl dismiss"
|
||||
"$mod SHIFT CTRL, space, exec, makoctl restore"
|
||||
"$mod SHIFT, space, exec, makoctl invoke default"
|
||||
"$mod, E, exec, thunar"
|
||||
];
|
||||
|
||||
# Move/resize windows with mainMod + LMB/RMB and dragging
|
||||
bindm = ["$mainMod, mouse:272, movewindow" "$mainMod, mouse:273, resizewindow"];
|
||||
# Move/resize windows with mod + LMB/RMB and dragging
|
||||
bindm = ["$mod, mouse:272, movewindow" "$mod, mouse:273, resizewindow"];
|
||||
};
|
||||
|
||||
extraConfig = ''
|
||||
|
@ -235,15 +227,15 @@
|
|||
|
||||
dwindle {
|
||||
# See https://wiki.hyprland.org/Configuring/Dwindle-Layout/ for more
|
||||
# master switch for pseudotiling. Enabling is bound to mainMod + P in the keybinds section below
|
||||
# master switch for pseudotiling. Enabling is bound to mod + P in the keybinds section below
|
||||
pseudotile = yes
|
||||
preserve_split = 1
|
||||
no_gaps_when_only = true
|
||||
# no_gaps_when_only = true
|
||||
}
|
||||
|
||||
master {
|
||||
# See https://wiki.hyprland.org/Configuring/Master-Layout/ for more
|
||||
new_is_master = true
|
||||
# new_is_master = true
|
||||
}
|
||||
|
||||
gestures {
|
||||
|
@ -251,14 +243,178 @@
|
|||
workspace_swipe = on
|
||||
}
|
||||
|
||||
# Example per-device config
|
||||
# See https://wiki.hyprland.org/Configuring/Keywords/#executing for more
|
||||
# device:epic-mouse-v1 {
|
||||
# sensitivity = -0.5
|
||||
# }
|
||||
## Example per-device config
|
||||
## See https://wiki.hyprland.org/Configuring/Keywords/#executing for more
|
||||
## device:epic-mouse-v1 {
|
||||
## sensitivity = -0.5
|
||||
## }
|
||||
|
||||
# See https://wiki.hyprland.org/Configuring/Window-Rules/ for more
|
||||
# windowrulev2 = float,class:^.*(kitty|firefox|org.wezfurlong.wezterm).*$
|
||||
## See https://wiki.hyprland.org/Configuring/Window-Rules/ for more
|
||||
windowrulev2 = idleinhibit,class:^.*([Ss]lippi).*$
|
||||
windowrulev2 = float,class:^.*$
|
||||
windowrulev2 = tile,class:^.*([Kk]itty|[Ff]irefox|[Ww]ezterm|[Dd]iscord|[Ss]potify|[Ss]lack).*$
|
||||
windowrulev2 = opacity 1.0 0.95,class:^.*$
|
||||
windowrulev2 = center 1,floating:1
|
||||
|
||||
windowrulev2 = opacity 0.0 override, class:^(xwaylandvideobridge)$
|
||||
windowrulev2 = noanim, class:^(xwaylandvideobridge)$
|
||||
windowrulev2 = noinitialfocus, class:^(xwaylandvideobridge)$
|
||||
windowrulev2 = maxsize 1 1, class:^(xwaylandvideobridge)$
|
||||
windowrulev2 = noblur, class:^(xwaylandvideobridge)$
|
||||
windowrulev2 = nofocus, class:^(xwaylandvideobridge)$
|
||||
'';
|
||||
};
|
||||
|
||||
programs.hyprlock = {
|
||||
enable = true;
|
||||
settings = {
|
||||
# docs: https://wiki.hyprland.org/Hypr-Ecosystem/hyprlock
|
||||
|
||||
general = {
|
||||
grace = 0;
|
||||
no_face_out = true;
|
||||
};
|
||||
|
||||
input-field = [
|
||||
{
|
||||
monitor = "";
|
||||
fade_on_empty = false;
|
||||
placeholder_text = "Locked";
|
||||
rounding = 5;
|
||||
font_size = 20;
|
||||
font_color = "rgba(255, 255, 255, 1.0)";
|
||||
inner_color = "rgba(31, 31, 47, 0.95)";
|
||||
outer_color = "0xff74c7ec 0xff74c7ec 45deg";
|
||||
outline_thickness = 3;
|
||||
position = "0, -200";
|
||||
|
||||
dots_size = 0.1;
|
||||
size = "300 75";
|
||||
font_family = "IosevkaLyteTerm";
|
||||
|
||||
shadow_passes = 3;
|
||||
shadow_size = 8;
|
||||
shadow_color = "rgba(0, 0, 0, 1.0)";
|
||||
shadow_boost = 0.8;
|
||||
}
|
||||
];
|
||||
|
||||
background = [
|
||||
{
|
||||
path = "~/.wallpaper";
|
||||
blur_passes = 2;
|
||||
}
|
||||
];
|
||||
|
||||
label = [
|
||||
{
|
||||
monitor = "";
|
||||
font_size = 64;
|
||||
|
||||
halign = "center";
|
||||
valign = "center";
|
||||
text_align = "center";
|
||||
|
||||
# rotate = 10;
|
||||
position = "0, 200";
|
||||
font_family = "IosevkaLyteTerm";
|
||||
text = ''Locked for <span foreground="##74c7ec">$USER</span>'';
|
||||
|
||||
shadow_passes = 1;
|
||||
shadow_size = 8;
|
||||
shadow_color = "rgba(0, 0, 0, 1.0)";
|
||||
shadow_boost = 0.5;
|
||||
}
|
||||
|
||||
{
|
||||
monitor = "";
|
||||
font_size = 20;
|
||||
|
||||
halign = "center";
|
||||
valign = "center";
|
||||
text_align = "center";
|
||||
color = "rgba(255, 255, 255, 0.5)";
|
||||
|
||||
position = "0 120";
|
||||
font_family = "IosevkaLyteTerm";
|
||||
text = "cmd[update:1000] date '+%a %b %d %H:%M:%S'";
|
||||
|
||||
shadow_passes = 3;
|
||||
shadow_size = 1;
|
||||
shadow_color = "rgba(0, 0, 0, 1.0)";
|
||||
shadow_boost = 1.0;
|
||||
}
|
||||
|
||||
{
|
||||
monitor = "";
|
||||
font_size = 200;
|
||||
|
||||
halign = "center";
|
||||
valign = "center";
|
||||
text_align = "center";
|
||||
color = "rgba(220, 240, 255, 0.8)";
|
||||
position = "0 500";
|
||||
font_family = "NerdFontSymbolsOnly";
|
||||
text = "";
|
||||
|
||||
shadow_passes = 3;
|
||||
shadow_size = 1;
|
||||
shadow_color = "rgba(0, 0, 0, 1.0)";
|
||||
shadow_boost = 1.0;
|
||||
}
|
||||
];
|
||||
};
|
||||
};
|
||||
|
||||
services.hypridle = let
|
||||
secondsPerMinute = 60;
|
||||
lockSeconds = 10 * secondsPerMinute;
|
||||
in {
|
||||
enable = true;
|
||||
settings = {
|
||||
general = {
|
||||
after_sleep_cmd = "hyprctl dispatch dpms on";
|
||||
before_sleep_cmd = "loginctl lock-session";
|
||||
ignore_dbus_inhibit = false;
|
||||
lock_cmd = "pidof hyprlock || hyprlock";
|
||||
};
|
||||
|
||||
listener = [
|
||||
{
|
||||
timeout = lockSeconds - 300;
|
||||
on-timeout = ''notify-send "Auto-locking in 5 minutes"'';
|
||||
on-resume = ''notify-send "Auto-locking cancelled"'';
|
||||
}
|
||||
{
|
||||
timeout = lockSeconds - 180;
|
||||
on-timeout = ''notify-send "Auto-locking in 3 minutes"'';
|
||||
}
|
||||
{
|
||||
timeout = lockSeconds - 120;
|
||||
on-timeout = ''notify-send "Auto-locking in 2 minutes"'';
|
||||
}
|
||||
{
|
||||
timeout = lockSeconds - 60;
|
||||
on-timeout = ''notify-send "Auto-locking in 1 minute"'';
|
||||
}
|
||||
{
|
||||
timeout = lockSeconds - 30;
|
||||
on-timeout = ''notify-send "Auto-locking in 30 seconds"'';
|
||||
}
|
||||
{
|
||||
timeout = lockSeconds - 10;
|
||||
on-timeout = ''notify-send -u critical "Auto-locking in 10 seconds"'';
|
||||
}
|
||||
{
|
||||
timeout = lockSeconds;
|
||||
on-timeout = ''loginctl lock-session'';
|
||||
}
|
||||
{
|
||||
timeout = lockSeconds + 5;
|
||||
on-timeout = ''hyprctl dispatch dpms off'';
|
||||
on-resume = ''hyprctl dispatch dpms on'';
|
||||
}
|
||||
];
|
||||
};
|
||||
};
|
||||
}
|
||||
|
|
|
@ -1,35 +0,0 @@
|
|||
{
|
||||
home.file.".iex.exs" = {
|
||||
enable = true;
|
||||
text = ''
|
||||
Application.put_env(:elixir, :ansi_enabled, true)
|
||||
|
||||
# PROTIP: to break, `#iex:break`
|
||||
|
||||
IEx.configure(
|
||||
colors: [enabled: true],
|
||||
inspect: [
|
||||
pretty: true,
|
||||
printable_limit: :infinity,
|
||||
limit: :infinity,
|
||||
charlists: :as_lists
|
||||
],
|
||||
default_prompt: [
|
||||
# ANSI CHA, move cursor to column 1
|
||||
# "\e[G",
|
||||
:magenta,
|
||||
# IEx prompt variable
|
||||
"%prefix",
|
||||
"#",
|
||||
# IEx prompt variable
|
||||
"%counter",
|
||||
# plain string
|
||||
">",
|
||||
:reset
|
||||
]
|
||||
|> IO.ANSI.format()
|
||||
|> IO.chardata_to_string()
|
||||
)
|
||||
'';
|
||||
};
|
||||
}
|
|
@ -1,6 +0,0 @@
|
|||
{
|
||||
services.kdeconnect = {
|
||||
enable = true;
|
||||
indicator = true;
|
||||
};
|
||||
}
|
|
@ -10,52 +10,53 @@
|
|||
enableFishIntegration = true;
|
||||
};
|
||||
settings = with colors.withHashPrefix; {
|
||||
"font_family" = font.name;
|
||||
"bold_font" = "${font.name} Heavy";
|
||||
"italic_font" = "${font.name} Italic";
|
||||
"bold_italic_font" = "${font.name} Heavy Italic";
|
||||
"font_size" = toString font.size;
|
||||
"inactive_text_alpha" = "0.5";
|
||||
"copy_on_select" = true;
|
||||
font_family = font.name;
|
||||
bold_font = "${font.name} Heavy";
|
||||
italic_font = "${font.name} Italic";
|
||||
bold_italic_font = "${font.name} Heavy Italic";
|
||||
font_size = toString font.size;
|
||||
inactive_text_alpha = "0.5";
|
||||
copy_on_select = true;
|
||||
hide_window_decorations = "yes";
|
||||
|
||||
"scrollback_lines" = 500000;
|
||||
scrollback_lines = 500000;
|
||||
|
||||
"symbol_map" = "U+23FB-U+23FE,U+2665,U+26A1,U+2B58,U+E000-U+E00A,U+E0A0-U+E0A3,U+E0B0-U+E0D4,U+E200-U+E2A9,U+E300-U+E3E3,U+E5FA-U+E6AA,U+E700-U+E7C5,U+EA60-U+EBEB,U+F000-U+F2E0,U+F300-U+F32F,U+F400-U+F4A9,U+F500-U+F8FF,U+F0001-U+F1AF0 Symbols Nerd Font Mono";
|
||||
symbol_map = "U+23FB-U+23FE,U+2665,U+26A1,U+2B58,U+E000-U+E00A,U+E0A0-U+E0A3,U+E0B0-U+E0D4,U+E200-U+E2A9,U+E300-U+E3E3,U+E5FA-U+E6AA,U+E700-U+E7C5,U+EA60-U+EBEB,U+F000-U+F2E0,U+F300-U+F32F,U+F400-U+F4A9,U+F500-U+F8FF,U+F0001-U+F1AF0 Symbols Nerd Font Mono";
|
||||
|
||||
# use `kitty + list-fonts --psnames` to get the font's PostScript name
|
||||
|
||||
"allow_remote_control" = true;
|
||||
"listen_on" = "unix:/tmp/kitty";
|
||||
"repaint_delay" = 3;
|
||||
"input_delay" = 3;
|
||||
"sync_to_monitor" = true;
|
||||
allow_remote_control = true;
|
||||
listen_on = "unix:/tmp/kitty";
|
||||
repaint_delay = 3;
|
||||
input_delay = 3;
|
||||
sync_to_monitor = true;
|
||||
|
||||
"adjust_line_height" = 0;
|
||||
"window_padding_width" = "10.0";
|
||||
"window_margin_width" = "0.0";
|
||||
adjust_line_height = 0;
|
||||
window_padding_width = "10.0";
|
||||
window_margin_width = "0.0";
|
||||
|
||||
"confirm_os_window_close" = 0;
|
||||
confirm_os_window_close = 0;
|
||||
|
||||
"enabled_layouts" = "splits:split_axis=vertical,stack";
|
||||
enabled_layouts = "splits:split_axis=vertical,stack";
|
||||
|
||||
"shell_integration" = "disabled";
|
||||
shell_integration = "disabled";
|
||||
|
||||
"enable_audio_bell" = true;
|
||||
"visual_bell_duration" = "0.25";
|
||||
"visual_bell_color" = bg3;
|
||||
enable_audio_bell = true;
|
||||
visual_bell_duration = "0.25";
|
||||
visual_bell_color = bg3;
|
||||
|
||||
"url_style" = "single";
|
||||
url_style = "single";
|
||||
|
||||
"strip_trailing_spaces" = "smart";
|
||||
strip_trailing_spaces = "smart";
|
||||
|
||||
# open_url_modifiers ctrl
|
||||
|
||||
"tab_bar_align" = "left";
|
||||
"tab_bar_style" = "separator";
|
||||
"tab_separator" = ''""'';
|
||||
"tab_bar_edge" = "top";
|
||||
"tab_title_template" = ''"{fmt.fg.tab}{fmt.bg.tab} {activity_symbol}{title} "'';
|
||||
"active_tab_font_style" = "normal";
|
||||
tab_bar_align = "left";
|
||||
tab_bar_style = "separator";
|
||||
tab_separator = ''""'';
|
||||
tab_bar_edge = "bottom";
|
||||
tab_title_template = ''"{fmt.fg.tab}{fmt.bg.tab} {activity_symbol}{title} "'';
|
||||
active_tab_font_style = "normal";
|
||||
|
||||
## name: Catppuccin Kitty Mocha
|
||||
## author: Catppuccin Org
|
||||
|
@ -64,75 +65,75 @@
|
|||
## blurb: Soothing pastel theme for the high-spirited!
|
||||
|
||||
# The basic colors
|
||||
"foreground" = text;
|
||||
"background" = bg;
|
||||
"selection_foreground" = bg;
|
||||
"selection_background" = text;
|
||||
foreground = text;
|
||||
background = bg;
|
||||
selection_foreground = bg;
|
||||
selection_background = text;
|
||||
|
||||
# Cursor colors
|
||||
"cursor" = text;
|
||||
"cursor_text_color" = bg;
|
||||
cursor = text;
|
||||
cursor_text_color = bg;
|
||||
|
||||
# URL underline color when hovering with mouse
|
||||
"url_color" = primary;
|
||||
url_color = primary;
|
||||
|
||||
# Kitty window border colors
|
||||
"active_border_color" = primary;
|
||||
"inactive_border_color" = bg3;
|
||||
"bell_border_color" = urgent;
|
||||
active_border_color = primary;
|
||||
inactive_border_color = bg3;
|
||||
bell_border_color = urgent;
|
||||
|
||||
# OS Window titlebar colors
|
||||
"wayland_titlebar_color" = "system";
|
||||
"macos_titlebar_color" = "system";
|
||||
wayland_titlebar_color = "system";
|
||||
macos_titlebar_color = "system";
|
||||
|
||||
# Tab bar colors
|
||||
"active_tab_foreground" = bg;
|
||||
"active_tab_background" = primary;
|
||||
"inactive_tab_foreground" = fgdim;
|
||||
"inactive_tab_background" = bg2;
|
||||
"tab_bar_background" = bg;
|
||||
active_tab_foreground = bg;
|
||||
active_tab_background = primary;
|
||||
inactive_tab_foreground = fgdim;
|
||||
inactive_tab_background = bg2;
|
||||
tab_bar_background = bg;
|
||||
|
||||
# Colors for marks (marked text in the terminal)
|
||||
"mark1_foreground" = bg;
|
||||
"mark1_background" = blue;
|
||||
"mark2_foreground" = bg;
|
||||
"mark2_background" = purple;
|
||||
"mark3_foreground" = bg;
|
||||
"mark3_background" = blue;
|
||||
mark1_foreground = bg;
|
||||
mark1_background = blue;
|
||||
mark2_foreground = bg;
|
||||
mark2_background = purple;
|
||||
mark3_foreground = bg;
|
||||
mark3_background = blue;
|
||||
|
||||
# The 16 terminal colors
|
||||
|
||||
# black
|
||||
"color0" = colors.withHashPrefix."0";
|
||||
"color8" = colors.withHashPrefix."8";
|
||||
color0 = colors.withHashPrefix."0";
|
||||
color8 = colors.withHashPrefix."8";
|
||||
|
||||
# red
|
||||
"color1" = colors.withHashPrefix."1";
|
||||
"color9" = colors.withHashPrefix."9";
|
||||
color1 = colors.withHashPrefix."1";
|
||||
color9 = colors.withHashPrefix."9";
|
||||
|
||||
# green
|
||||
"color2" = colors.withHashPrefix."2";
|
||||
"color10" = colors.withHashPrefix."10";
|
||||
color2 = colors.withHashPrefix."2";
|
||||
color10 = colors.withHashPrefix."10";
|
||||
|
||||
# yellow
|
||||
"color3" = colors.withHashPrefix."3";
|
||||
"color11" = colors.withHashPrefix."11";
|
||||
color3 = colors.withHashPrefix."3";
|
||||
color11 = colors.withHashPrefix."11";
|
||||
|
||||
# blue
|
||||
"color4" = colors.withHashPrefix."4";
|
||||
"color12" = colors.withHashPrefix."12";
|
||||
color4 = colors.withHashPrefix."4";
|
||||
color12 = colors.withHashPrefix."12";
|
||||
|
||||
# magenta
|
||||
"color5" = colors.withHashPrefix."5";
|
||||
"color13" = colors.withHashPrefix."13";
|
||||
color5 = colors.withHashPrefix."5";
|
||||
color13 = colors.withHashPrefix."13";
|
||||
|
||||
# cyan
|
||||
"color6" = colors.withHashPrefix."6";
|
||||
"color14" = colors.withHashPrefix."14";
|
||||
color6 = colors.withHashPrefix."6";
|
||||
color14 = colors.withHashPrefix."14";
|
||||
|
||||
# white
|
||||
"color7" = colors.withHashPrefix."7";
|
||||
"color15" = colors.withHashPrefix."15";
|
||||
color7 = colors.withHashPrefix."7";
|
||||
color15 = colors.withHashPrefix."15";
|
||||
};
|
||||
keybindings = {
|
||||
"ctrl+shift+1" = "change_font_size all 12.5";
|
||||
|
@ -167,7 +168,7 @@
|
|||
"ctrl+l" = "neighboring_window right";
|
||||
"ctrl+k" = "neighboring_window up";
|
||||
"ctrl+j" = "neighboring_window down";
|
||||
"ctrl+shift+n" = "nth_window -1";
|
||||
"ctrl+shift+h" = "nth_window -1";
|
||||
"ctrl+shift+space>u" = "kitten hints --type=url --program @";
|
||||
|
||||
"ctrl+shift+z" = "toggle_layout stack";
|
||||
|
|
|
@ -1,24 +0,0 @@
|
|||
{
|
||||
pkgs,
|
||||
outputs,
|
||||
# font,
|
||||
...
|
||||
}: {
|
||||
imports = with outputs.homeManagerModules; [
|
||||
desktop
|
||||
firefox
|
||||
];
|
||||
|
||||
gtk = {
|
||||
enable = true;
|
||||
theme = {
|
||||
name = "Catppuccin-Mocha-Compact-Sapphire-Dark";
|
||||
package = pkgs.catppuccin-gtk.override {
|
||||
accents = ["sapphire"];
|
||||
size = "compact";
|
||||
tweaks = ["rimless"];
|
||||
variant = "mocha";
|
||||
};
|
||||
};
|
||||
};
|
||||
}
|
|
@ -1,41 +0,0 @@
|
|||
{
|
||||
outputs,
|
||||
pkgs,
|
||||
...
|
||||
}: {
|
||||
imports = with outputs.homeManagerModules; [
|
||||
common
|
||||
];
|
||||
|
||||
home = {
|
||||
sessionVariables = {
|
||||
MOZ_ENABLE_WAYLAND = "1";
|
||||
};
|
||||
};
|
||||
|
||||
programs.fish = {
|
||||
shellAliases = {
|
||||
sctl = "sudo systemctl";
|
||||
bt = "bluetoothctl";
|
||||
pa = "pulsemixer";
|
||||
sctlu = "systemctl --user";
|
||||
};
|
||||
|
||||
functions = {
|
||||
pp = ''
|
||||
if test (count $argv) -gt 0
|
||||
while true; ping -O -i 1 -w 5 -c 10000000 $argv; sleep 1; end
|
||||
else
|
||||
while true; ping -O -i 1 -w 5 -c 10000000 1.1.1.1; sleep 1; end
|
||||
end
|
||||
'';
|
||||
};
|
||||
};
|
||||
|
||||
home.packages = [
|
||||
(pkgs.buildEnv {
|
||||
name = "my-linux-scripts";
|
||||
paths = [./scripts/linux];
|
||||
})
|
||||
];
|
||||
}
|
|
@ -1,15 +0,0 @@
|
|||
{outputs, ...}: {
|
||||
imports = with outputs.homeManagerModules; [
|
||||
common
|
||||
desktop
|
||||
];
|
||||
|
||||
# TODO: pinentry curses?
|
||||
/*
|
||||
programs.gnupg.agent = {
|
||||
enable = true;
|
||||
pinentryFlavor = "gnome3";
|
||||
enableSSHSupport = true;
|
||||
};
|
||||
*/
|
||||
}
|
|
@ -1,29 +0,0 @@
|
|||
{
|
||||
colors,
|
||||
font,
|
||||
...
|
||||
}: {
|
||||
services.mako = with colors.withHashPrefix; {
|
||||
enable = true;
|
||||
borderSize = 1;
|
||||
maxVisible = 5;
|
||||
defaultTimeout = 15000;
|
||||
font = "Symbols Nerd Font ${toString font.size},${font.name} ${toString font.size}";
|
||||
# TODO: config
|
||||
|
||||
backgroundColor = bg;
|
||||
textColor = text;
|
||||
borderColor = primary;
|
||||
progressColor = primary;
|
||||
anchor = "top-right";
|
||||
|
||||
extraConfig = ''
|
||||
[urgency=high]
|
||||
border-color=${urgent}
|
||||
[urgency=high]
|
||||
background-color=${urgent}
|
||||
border-color=${urgent}
|
||||
text-color=${bg}
|
||||
'';
|
||||
};
|
||||
}
|
|
@ -1,25 +0,0 @@
|
|||
{
|
||||
# flake,
|
||||
inputs,
|
||||
# outputs,
|
||||
# lib,
|
||||
# config,
|
||||
# pkgs,
|
||||
# system,
|
||||
# modulesPath,
|
||||
...
|
||||
}: {
|
||||
imports = [
|
||||
{
|
||||
nixpkgs.overlays = [inputs.ssbm.overlay];
|
||||
}
|
||||
inputs.ssbm.homeManagerModule
|
||||
];
|
||||
|
||||
ssbm = {
|
||||
slippi-launcher = {
|
||||
enable = true;
|
||||
launchMeleeOnPlay = false;
|
||||
};
|
||||
};
|
||||
}
|
|
@ -1,5 +0,0 @@
|
|||
{...}: {
|
||||
programs.nnn = {
|
||||
enable = true;
|
||||
};
|
||||
}
|
|
@ -1,7 +1,7 @@
|
|||
#!/usr/bin/env bash
|
||||
|
||||
usage() {
|
||||
echo "at - waits until after the specified datetime"
|
||||
echo "at - exit after the specified datetime"
|
||||
echo "Usage:"
|
||||
echo " at <DATETIME> && command..."
|
||||
echo
|
||||
|
@ -9,13 +9,17 @@ usage() {
|
|||
echo " at 15:00:00 && echo \"it is 3 o'clock\""
|
||||
}
|
||||
|
||||
[[ -z "$1" ]] && { echo "Error: No DATE argument provided." >&2; usage; exit 1; }
|
||||
[[ -z "$1" ]] && { echo "error: no DATE argument provided" >&2; usage; exit 1; }
|
||||
|
||||
d="$(date -d "${@}" +%s)"
|
||||
_dt=$((d - $(date +%s)))
|
||||
days=$((_dt / 86400))
|
||||
printf 'Started at %s (with duration %sd %s)\n' "$(date)" "$days" "$(date -u --date @$((_dt)) +%H:%M:%S)"
|
||||
|
||||
while [[ "$d" -ge "$(date +%s)" ]]; do
|
||||
_dt=$((d - $(date +%s)))
|
||||
days=$((_dt / 86400))
|
||||
echo -ne "\rTime Remaining: ${days}d $(date -u --date @$((_dt)) +%H:%M:%S) ";
|
||||
printf "\r%sd %s " "$days" "$(date -u --date @$((_dt)) +%H:%M:%S)";
|
||||
sleep 0.1
|
||||
done
|
||||
exit 0
|
|
@ -1,15 +1,24 @@
|
|||
#!/usr/bin/env bash
|
||||
|
||||
[[ $# -lt 1 ]] && { echo "No argument provided." >&2 ; exit 1; }
|
||||
function usage {
|
||||
echo "countdown - exit after a certain amount of time has passed"
|
||||
echo " Usage:"
|
||||
echo " countdown <SECONDS> && command..."
|
||||
echo
|
||||
echo " Examples:"
|
||||
echo ' countdown 120 && echo "Two minutes has elapsed!"'
|
||||
}
|
||||
|
||||
[[ $# -lt 1 ]] && { printf "error: no SECONDS argument provided\n" >&2; usage; exit 1; }
|
||||
|
||||
d=$(($(date +%s) + $1));
|
||||
echo "Countdown started at $(date)"
|
||||
printf 'Started at %s\n' "$(date)"
|
||||
|
||||
while [[ "$d" -ge "$(date +%s)" ]]; do
|
||||
_dt=$((d - $(date +%s)))
|
||||
days=$((_dt / 86400))
|
||||
echo -ne "\r${days}d $(date -u --date @$((_dt)) +%H:%M:%S) ";
|
||||
printf "\r%sd %s " "$days" "$(date -u --date @$((_dt)) +%H:%M:%S)";
|
||||
sleep 0.1
|
||||
done
|
||||
|
||||
echo -ne "\rCountdown finished $(date)\n"
|
||||
printf "\rCountdown finished %s\n" "$(date)"
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
#!/usr/bin/env sh
|
||||
|
||||
r="$(< "$HOME/.emoji.txt" sk --height 40%)"
|
||||
r="$(< "$HOME/.emoji.txt" fzf --height 40%)"
|
||||
echo "$r" | awk '$0=$1' | tr -d '\n' | clip
|
||||
echo "Copied $r emoji to your clipboard"
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
#!/usr/bin/env -S deno run --allow-read --allow-run --allow-net
|
||||
#!/usr/bin/env -S nix shell nixpkgs#deno --command deno run --allow-read --allow-run --allow-net
|
||||
|
||||
import * as path from "https://deno.land/std@0.181.0/path/mod.ts";
|
||||
|
||||
|
|
3
modules/home-manager/scripts/common/bin/j
Executable file
3
modules/home-manager/scripts/common/bin/j
Executable file
|
@ -0,0 +1,3 @@
|
|||
#!/usr/bin/env bash
|
||||
|
||||
N journal
|
|
@ -1,5 +1,6 @@
|
|||
#!/usr/bin/env sh
|
||||
|
||||
umask 0077
|
||||
SUBDIR="${2:-./}"
|
||||
mkdir -p "$NOTES_PATH/$SUBDIR"
|
||||
cd "$NOTES_PATH/$SUBDIR" || exit 1
|
||||
|
|
127
modules/home-manager/scripts/common/bin/spark
Executable file
127
modules/home-manager/scripts/common/bin/spark
Executable file
|
@ -0,0 +1,127 @@
|
|||
#!/usr/bin/env bash
|
||||
#
|
||||
# spark
|
||||
# https://github.com/holman/spark
|
||||
#
|
||||
# Generates sparklines for a set of data.
|
||||
#
|
||||
# Here's a good web-based sparkline generator that was a bit of inspiration
|
||||
# for spark:
|
||||
#
|
||||
# https://datacollective.org/sparkblocks
|
||||
#
|
||||
# spark takes a comma-separated or space-separated list of data and then prints
|
||||
# a sparkline out of it.
|
||||
#
|
||||
# Examples:
|
||||
#
|
||||
# spark 1 5 22 13 53
|
||||
# # => ▁▁▃▂▇
|
||||
#
|
||||
# spark 0 30 55 80 33 150
|
||||
# # => ▁▂▃▅▂▇
|
||||
#
|
||||
# spark -h
|
||||
# # => Prints the spark help text.
|
||||
|
||||
# Generates sparklines.
|
||||
#
|
||||
# $1 - The data we'd like to graph.
|
||||
_echo()
|
||||
{
|
||||
if [ "X$1" = "X-n" ]; then
|
||||
shift
|
||||
printf "%s" "$*"
|
||||
else
|
||||
printf "%s\n" "$*"
|
||||
fi
|
||||
}
|
||||
|
||||
spark()
|
||||
{
|
||||
local n numbers=
|
||||
|
||||
# find min/max values
|
||||
local min=0xffffffff max=0
|
||||
|
||||
for n in ${@//,/ }
|
||||
do
|
||||
# on Linux (or with bash4) we could use `printf %.0f $n` here to
|
||||
# round the number but that doesn't work on OS X (bash3) nor does
|
||||
# `awk '{printf "%.0f",$1}' <<< $n` work, so just cut it off
|
||||
n=${n%.*}
|
||||
(( n < min )) && min=$n
|
||||
(( n > max )) && max=$n
|
||||
numbers=$numbers${numbers:+ }$n
|
||||
done
|
||||
|
||||
# print ticks
|
||||
local ticks=(▁ ▂ ▃ ▄ ▅ ▆ ▇ █)
|
||||
|
||||
# use a high tick if data is constant
|
||||
(( min == max )) && ticks=(▅ ▆)
|
||||
|
||||
local f=$(( (($max-$min)<<8)/(${#ticks[@]}-1) ))
|
||||
(( f < 1 )) && f=1
|
||||
|
||||
for n in $numbers
|
||||
do
|
||||
_echo -n ${ticks[$(( ((($n-$min)<<8)/$f) ))]}
|
||||
done
|
||||
_echo
|
||||
}
|
||||
|
||||
# If we're being sourced, don't worry about such things
|
||||
if [ "$BASH_SOURCE" == "$0" ]; then
|
||||
# Prints the help text for spark.
|
||||
help()
|
||||
{
|
||||
local spark=$(basename $0)
|
||||
cat <<EOF
|
||||
|
||||
USAGE:
|
||||
$spark [-h|--help] VALUE,...
|
||||
|
||||
EXAMPLES:
|
||||
$spark 1 5 22 13 53
|
||||
▁▁▃▂█
|
||||
$spark 0,30,55,80,33,150
|
||||
▁▂▃▄▂█
|
||||
echo 9 13 5 17 1 | $spark
|
||||
▄▆▂█▁
|
||||
EOF
|
||||
}
|
||||
|
||||
# show help for no arguments if stdin is a terminal
|
||||
if { [ -z "$1" ] && [ -t 0 ] ; } || [ "$1" == '-h' ] || [ "$1" == '--help' ]
|
||||
then
|
||||
help
|
||||
exit 0
|
||||
fi
|
||||
|
||||
spark ${@:-`cat`}
|
||||
fi
|
||||
|
||||
# source: https://github.com/holman/spark/commit/ab88ac6f8f33698f39ece2f109b1117ef39a68eb
|
||||
|
||||
# The MIT License
|
||||
#
|
||||
# Copyright (c) Zach Holman, https://zachholman.com
|
||||
#
|
||||
# Permission is hereby granted, free of charge, to any person obtaining a copy
|
||||
# of this software and associated documentation files (the "Software"), to deal
|
||||
# in the Software without restriction, including without limitation the rights
|
||||
# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
||||
# copies of the Software, and to permit persons to whom the Software is
|
||||
# furnished to do so, subject to the following conditions:
|
||||
#
|
||||
# The above copyright notice and this permission notice shall be included in
|
||||
# all copies or substantial portions of the Software.
|
||||
#
|
||||
# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
||||
# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
||||
# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
||||
# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
||||
# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
||||
# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
|
||||
# THE SOFTWARE.
|
3
modules/home-manager/scripts/common/bin/t
Executable file
3
modules/home-manager/scripts/common/bin/t
Executable file
|
@ -0,0 +1,3 @@
|
|||
#!/usr/bin/env bash
|
||||
|
||||
N todo
|
2
modules/home-manager/scripts/common/bin/td
Executable file
2
modules/home-manager/scripts/common/bin/td
Executable file
|
@ -0,0 +1,2 @@
|
|||
#!/usr/bin/env bash
|
||||
N todo
|
|
@ -1,18 +0,0 @@
|
|||
{config, ...}: {
|
||||
programs.senpai = {
|
||||
enable = true;
|
||||
config = {
|
||||
addr = "a";
|
||||
nick = "a";
|
||||
};
|
||||
};
|
||||
|
||||
home.file."${config.xdg.configHome}/senpai/senpai.scfg" = {
|
||||
enable = true;
|
||||
text = ''
|
||||
address irc+insecure://beefcake:6667
|
||||
nickname lytedev
|
||||
password-cmd pass soju
|
||||
'';
|
||||
};
|
||||
}
|
|
@ -1,57 +1,24 @@
|
|||
{
|
||||
pkgs,
|
||||
colors,
|
||||
outputs,
|
||||
style,
|
||||
lib,
|
||||
config,
|
||||
# font,
|
||||
...
|
||||
}: {
|
||||
imports = with outputs.homeManagerModules; [
|
||||
linux
|
||||
waybar
|
||||
mako
|
||||
swaylock
|
||||
linux-desktop
|
||||
];
|
||||
|
||||
programs.wofi = {
|
||||
enable = true;
|
||||
settings = {
|
||||
width = "640";
|
||||
height = "360";
|
||||
};
|
||||
style = ''
|
||||
* {
|
||||
border-radius: 0;
|
||||
}
|
||||
|
||||
window {
|
||||
margin: 0px;
|
||||
padding: 8px;
|
||||
}
|
||||
|
||||
#outer-box {
|
||||
margin: 8px;
|
||||
}
|
||||
|
||||
#outer-box, #inner-box {
|
||||
margin-top: 8px;
|
||||
}
|
||||
'';
|
||||
};
|
||||
|
||||
home.pointerCursor = {
|
||||
name = "Bibata-Modern-Classic";
|
||||
package = pkgs.bibata-cursors;
|
||||
size = 64; # TODO: this doesn't seem to work -- at least in Sway
|
||||
# some icons are also missing (hand2?)
|
||||
};
|
||||
|
||||
programs.foot = {
|
||||
enable = true;
|
||||
};
|
||||
|
||||
xdg = {
|
||||
enable = true;
|
||||
mimeApps = {
|
||||
enable = true;
|
||||
defaultApplications = {
|
||||
"x-scheme-handler/http" = "firefox.desktop";
|
||||
"x-scheme-handler/https" = "firefox.desktop";
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
wayland.windowManager.sway = {
|
||||
/*
|
||||
TODO:
|
||||
|
@ -75,6 +42,17 @@
|
|||
|
||||
systemd = {
|
||||
enable = true;
|
||||
variables = [
|
||||
"DISPLAY"
|
||||
"WAYLAND_DISPLAY"
|
||||
"SWAYSOCK"
|
||||
"XDG_CURRENT_DESKTOP"
|
||||
"XDG_SESSION_TYPE"
|
||||
"NIXOS_OZONE_WL"
|
||||
"XCURSOR_THEME"
|
||||
"XCURSOR_SIZE"
|
||||
"PATH"
|
||||
];
|
||||
};
|
||||
|
||||
# TODO: stuff is opening on workspace 10 (0?)
|
||||
|
@ -83,7 +61,7 @@
|
|||
swaymsg "workspace 1"
|
||||
}
|
||||
|
||||
set $tilers "(wezterm.*|kitty.*|firefox.*|slack.*|Slack.*|thunar.*|Alacritty.*|alacritty.*|Discord.*|discord.*)"
|
||||
set $tilers "(wezterm.*|kitty.*|firefox.*|[Ss]lack.*|thunar.*|[Aa]lacritty.*|[Dd]iscord.*)"
|
||||
for_window [title=".*"] floating enable
|
||||
for_window [app_id=$tilers] floating disable
|
||||
'';
|
||||
|
@ -98,12 +76,6 @@
|
|||
*/
|
||||
];
|
||||
|
||||
output = {
|
||||
"*" = {
|
||||
background = "$HOME/.wallpaper fill";
|
||||
};
|
||||
};
|
||||
|
||||
# TODO: popup_during_fullscreen smart
|
||||
focus = {
|
||||
wrapping = "no"; # maybe workspace?
|
||||
|
@ -128,15 +100,23 @@
|
|||
};
|
||||
|
||||
startup = [
|
||||
{command = "kdeconnect-indicator";}
|
||||
{command = "mako";}
|
||||
{
|
||||
command = "swaybg -i $HOME/.wallpaper";
|
||||
}
|
||||
{
|
||||
command = "swayosd-server";
|
||||
}
|
||||
{
|
||||
command = "waybar";
|
||||
}
|
||||
{
|
||||
command = lib.concatStringsSep " " [
|
||||
"swayidle -w"
|
||||
"timeout 300 'notify-send \"Idling in 300 seconds\"'"
|
||||
"resume 'notify-send \"Idling cancelled.\"'"
|
||||
"timeout 480 'notify-send -u critical \"Idling in 120 seconds\"'"
|
||||
"before-sleep 'swaylock'"
|
||||
"timeout 300 'notify-send \"Idling in 5 minutes\"' resume 'notify-send \"Idling cancelled.\"'"
|
||||
"timeout 480 'notify-send -u critical \"Idling in 2 minutes\"'"
|
||||
"timeout 510 'notify-send -u critical \"Idling in 90 seconds\"'"
|
||||
"timeout 540 'notify-send -u critical \"Idling in 60 seconds!\"'"
|
||||
"timeout 570 'notify-send -u critical \"Idling in 30 seconds!\"'"
|
||||
|
@ -151,14 +131,11 @@
|
|||
"timeout 598 'notify-send -u critical \"Idling in 2 seconds!\"'"
|
||||
"timeout 599 'notify-send -u critical \"Idling in 1 second!\"'"
|
||||
"timeout 600 'swaylock -f'"
|
||||
"timeout 600 'swaymsg \"output * dpms off\"'"
|
||||
"resume 'swaymsg \"output * dpms on\" & maybe-good-morning &'"
|
||||
"before-sleep 'swaylock'"
|
||||
"timeout 600 'swaymsg \"output * dpms off\"' resume 'swaymsg \"output * dpms on\" & maybe-good-morning &'"
|
||||
];
|
||||
}
|
||||
# {command = "firefox";}
|
||||
# {command = "wezterm";}
|
||||
{command = "kitty --single-instance";}
|
||||
];
|
||||
|
||||
modes = {
|
||||
|
@ -181,13 +158,13 @@
|
|||
input = {
|
||||
"type:keyboard" = {
|
||||
xkb_options = "ctrl:nocaps";
|
||||
repeat_delay = "200";
|
||||
repeat_rate = "60";
|
||||
repeat_delay = "180";
|
||||
repeat_rate = "100";
|
||||
};
|
||||
|
||||
"type:pointer" = {
|
||||
accel_profile = "flat";
|
||||
pointer_accel = "0";
|
||||
pointer_accel = "0.5";
|
||||
};
|
||||
|
||||
"type:touchpad" = {
|
||||
|
@ -200,17 +177,19 @@
|
|||
};
|
||||
keybindings = let
|
||||
mod = config.wayland.windowManager.sway.config.modifier;
|
||||
menu = "tofi-run | xargs swaymsg exec --";
|
||||
in {
|
||||
# bindsym $mod+shift+space exec wofi --show drun
|
||||
"${mod}+control+space" = "exec makoctl dismiss";
|
||||
"${mod}+shift+space" = "exec makoctl invoke";
|
||||
# "${mod}+return" = "exec kitty --single-instance";
|
||||
"${mod}+return" = "exec kitty";
|
||||
"${mod}+return" = "exec wezterm";
|
||||
"${mod}+shift+return" = "exec floating-term";
|
||||
"${mod}+shift+alt+return" = "exec kitty";
|
||||
"${mod}+c" = "kill";
|
||||
"${mod}+shift+c" = "kill # TODO: kill -9?";
|
||||
"${mod}+space" = "exec wofi --show drun";
|
||||
"${mod}+alt+space" = "exec wofi --show drun";
|
||||
"${mod}" = "exec ${menu}";
|
||||
"${mod}+space" = "exec ${menu}";
|
||||
"${mod}+shift+s" = "exec clipshot";
|
||||
"${mod}+e" = "exec thunar";
|
||||
"${mod}+shift+r" = "reload";
|
||||
|
@ -273,7 +252,9 @@
|
|||
"${mod}+p" = "focus parent";
|
||||
"${mod}+period" = "focus child";
|
||||
"${mod}+comma" = "focus child";
|
||||
|
||||
"${mod}+tab" = "workspace back_and_forth";
|
||||
"alt+tab" = "workspace back_and_forth";
|
||||
|
||||
"${mod}+minus" = "gaps inner current minus 5";
|
||||
"${mod}+plus" = "gaps inner current plus 5";
|
||||
|
@ -285,12 +266,45 @@
|
|||
# TODO: this should also reset the horizontal and vertical gaps?
|
||||
"${mod}+control+equal" = "gaps inner current set 0";
|
||||
|
||||
"XF86AudioRaiseVolume" = "exec pactl set-sink-volume @DEFAULT_SINK@ +5%";
|
||||
"XF86AudioLowerVolume" = "exec pactl set-sink-volume @DEFAULT_SINK@ -5%";
|
||||
"${mod}+shift+v" = "exec swayosd-client --input-volume mute-toggle";
|
||||
"${mod}+F1" = "exec pactl set-sink-mute @DEFAULT_SINK@ toggle";
|
||||
"XF86AudioRaiseVolume" = "exec swayosd-client --output-volume raise";
|
||||
"XF86AudioLowerVolume" = "exec swayosd-client --output-volume lower";
|
||||
"XF86AudioMute" = "exec swayosd-client --output-volume mute-toggle";
|
||||
"XF86AudioMicMute" = "exec swayosd-client --input-volume mute-toggle";
|
||||
"XF86MonBrightnessUp" = "exec swayosd-client --brightness raise";
|
||||
"XF86MonBrightnessDown" = "exec swayosd-client --brightness lower";
|
||||
"control+XF86AudioRaiseVolume" = "exec pactl set-sink-volume @DEFAULT_SINK@ +1%";
|
||||
"control+XF86AudioLowerVolume" = "exec pactl set-sink-volume @DEFAULT_SINK@ -1%";
|
||||
"XF86AudioPlay" = "exec playerctl play-pause";
|
||||
"XF86AudioNext" = "exec playerctl next";
|
||||
"XF86AudioPrev" = "exec playerctl previous";
|
||||
"--locked ${mod}+shift+v" = "exec swayosd-client --input-volume mute-toggle";
|
||||
"--locked ${mod}+F1" = "exec pactl set-sink-mute @DEFAULT_SINK@ toggle";
|
||||
"--locked XF86AudioRaiseVolume" = "exec swayosd-client --output-volume raise";
|
||||
"--locked XF86AudioLowerVolume" = "exec swayosd-client --output-volume lower";
|
||||
"--locked XF86AudioMute" = "exec swayosd-client --output-volume mute-toggle";
|
||||
"--locked XF86AudioMicMute" = "exec swayosd-client --input-volume mute-toggle";
|
||||
"--locked XF86MonBrightnessUp" = "exec swayosd-client --brightness raise";
|
||||
"--locked XF86MonBrightnessDown" = "exec swayosd-client --brightness lower";
|
||||
"--locked control+XF86AudioRaiseVolume" = "exec pactl set-sink-volume @DEFAULT_SINK@ +1%";
|
||||
"--locked control+XF86AudioLowerVolume" = "exec pactl set-sink-volume @DEFAULT_SINK@ -1%";
|
||||
"--locked XF86AudioPlay" = "exec playerctl play-pause";
|
||||
"--locked XF86AudioNext" = "exec playerctl next";
|
||||
"--locked XF86AudioPrev" = "exec playerctl previous";
|
||||
|
||||
/*
|
||||
"XF86MonBrightnessUp" = " exec swayosd-client --brightness 10";
|
||||
"XF86MonBrightnessDown" = "exec swayosd-client --brightness -10";
|
||||
"XF86AudioMute" = "exec pactl set-sink-mute @DEFAULT_SINK@ toggle";
|
||||
"${mod}+F1" = "exec pactl set-sink-mute @DEFAULT_SINK@ toggle";
|
||||
"XF86AudioRaiseVolume" = "exec pactl set-sink-volume @DEFAULT_SINK@ +5%";
|
||||
"XF86AudioLowerVolume" = "exec pactl set-sink-volume @DEFAULT_SINK@ -5%";
|
||||
"XF86AudioRaiseVolume" = "exec swayosd-client --output-volume 15";
|
||||
"XF86AudioLowerVolume" = "exec swayosd-client --output-volume -15";
|
||||
"XF86AudioRaiseVolume" = "exec swayosd-client --output-volume raise --max-volume 120";
|
||||
"XF86AudioLowerVolume" = "exec swayosd-client --output-volume lower --max-volume 120";
|
||||
"XF86AudioRaiseVolume" = "exec swayosd-client --output-volume +10 --device alsa_output.pci-0000_11_00.4.analog-stereo.monitor";
|
||||
"XF86AudioLowerVolume" = "exec swayosd-client --output-volume -10 --device alsa_output.pci-0000_11_00.4.analog-stereo.monitor";
|
||||
"XF86AudioMicMute" = "exec pactl set-source-mute @DEFAULT_SOURCE@ toggle";
|
||||
"XF86MonBrightnessDown" = "exec brightnessctl set 10%-";
|
||||
"XF86MonBrightnessUp" = "exec brightnessctl set +10%";
|
||||
|
@ -298,10 +312,8 @@
|
|||
"shift+XF86MonBrightnessUp" = "exec brightnessctl set 100%";
|
||||
"control+XF86MonBrightnessDown" = "exec brightnessctl set 1%-";
|
||||
"control+XF86MonBrightnessUp" = "exec brightnessctl set +1%";
|
||||
"XF86AudioPlay" = "exec playerctl play-pause";
|
||||
"XF86AudioNext" = "exec playerctl next";
|
||||
"XF86AudioPrev" = "exec playerctl previous";
|
||||
"${mod}+shift+v" = "exec pactl set-source-mute @DEFAULT_SOURCE@ toggle";
|
||||
*/
|
||||
|
||||
"${mod}+control+shift+l" = "exec swaylock";
|
||||
|
||||
|
@ -309,7 +321,7 @@
|
|||
};
|
||||
assigns = {};
|
||||
bars = [];
|
||||
colors = with colors; {
|
||||
colors = with style.colors; {
|
||||
background = bg;
|
||||
focused = {
|
||||
background = bg;
|
||||
|
|
|
@ -1,14 +1,10 @@
|
|||
{
|
||||
font,
|
||||
# colors,
|
||||
...
|
||||
}: {
|
||||
{style, ...}: {
|
||||
programs.swaylock = {
|
||||
enable = true;
|
||||
settings = {
|
||||
color = "ffffffff";
|
||||
image = "~/.wallpaper";
|
||||
font = font.name;
|
||||
font = style.font.name;
|
||||
show-failed-attempts = true;
|
||||
ignore-empty-password = true;
|
||||
|
||||
|
|
|
@ -1,7 +0,0 @@
|
|||
{outputs, ...}: {
|
||||
imports = with outputs.homeManagerModules; [
|
||||
sway
|
||||
sway-laptop
|
||||
hyprland
|
||||
];
|
||||
}
|
|
@ -1,126 +0,0 @@
|
|||
{
|
||||
# colors,
|
||||
# font,
|
||||
...
|
||||
}: {
|
||||
programs.tmux = {
|
||||
enable = true;
|
||||
baseIndex = 1;
|
||||
clock24 = true;
|
||||
extraConfig = ''
|
||||
unbind C-b
|
||||
set -g prefix C-s
|
||||
|
||||
# enable tmux to support helix colors
|
||||
set -g default-terminal "tmux-256color"
|
||||
set -g terminal-overrides ",xterm-256color:RGB"
|
||||
|
||||
set -g update-environment "WAYLAND_DISPLAY DISPLAY"
|
||||
|
||||
bind R source-file "$HOME/.tmux.conf" \; display-message "Reloaded $HOME/.tmux.conf"
|
||||
bind o display-message "Saved pane output to #(tmux-save-buffer '#S')"
|
||||
bind O run "tmux-edit-buffer"
|
||||
|
||||
bind D attach-session -t . -c '#{pane_current_path}' \; display-message "Set session path to #{pane_current_path}"
|
||||
|
||||
bind H set -s status # toggle status bar
|
||||
|
||||
bind v split-window -h -c "#{pane_current_path}"
|
||||
bind b split-window -c "#{pane_current_path}"
|
||||
bind h split-window -c "#{pane_current_path}"
|
||||
|
||||
bind -n C-l select-pane -R
|
||||
bind -n C-k select-pane -U
|
||||
|
||||
bind -n C-j select-pane -D
|
||||
# enabling a ^J hotkey causes breakage when pasting anything that start with a newline, since it triggers the hotkey and some weird interaction with bracketed paste causes the pane to enter a broken state
|
||||
|
||||
bind -n C-h select-pane -L
|
||||
|
||||
bind -n C-M-l split-window -h -c "#{pane_current_path}"
|
||||
bind -n C-M-j split-window -v -c "#{pane_current_path}"
|
||||
|
||||
# tab creation
|
||||
bind -n C-t new-window
|
||||
|
||||
# tab nav is the default p and n binds
|
||||
# window and session switcher is the default w bind
|
||||
|
||||
set -g mouse on
|
||||
set -g escape-time 0
|
||||
|
||||
set -g monitor-activity on
|
||||
set -g visual-bell off
|
||||
set -g bell-action other
|
||||
set -g activity-action none
|
||||
|
||||
set -g mode-keys vi
|
||||
set -g history-limit 1000000
|
||||
|
||||
set -g status on
|
||||
set -g status-position bottom
|
||||
set -g status-style "fg=colour8 bg=default"
|
||||
set -g status-interval 5
|
||||
set -g status-left-length 50
|
||||
set -g window-status-style "fg=colour8 bg=default"
|
||||
set -g window-status-format "#W"
|
||||
set -g window-status-separator " "
|
||||
set -g window-status-activity-style "fg=colour7 bg=default"
|
||||
set -g window-status-bell-style "fg=colour1 bg=default"
|
||||
set -g window-status-current-style "fg=colour4 bg=default"
|
||||
set -g window-status-current-format " #W "
|
||||
set -g status-left "#{client_user}@#h:#S "
|
||||
set -g status-right "#(kubeline && printf ' ')"
|
||||
set -g status-left-length 1000
|
||||
|
||||
set -g message-style "fg=colour7 bg=default"
|
||||
set -g pane-active-border-style fg=blue
|
||||
set -g pane-border-style fg=colour0
|
||||
set -g clock-mode-colour colour8
|
||||
set -g base-index 1
|
||||
set -g pane-base-index 1
|
||||
|
||||
set -g window-status-current-format "#W"
|
||||
|
||||
# present a menu of urls to open from the visible pane
|
||||
# TODO: fuzzy search this
|
||||
# bind u capture-pane \;\
|
||||
# save-buffer /tmp/tmux-buffer \;\
|
||||
# split-window -l 10 "urlscan /tmp/tmux-buffer"
|
||||
|
||||
bind -T copy-mode-vi "y" send-keys -X copy-pipe-no-clear 'clip' \; display-message 'Copied to clipboard!'
|
||||
bind -T copy-mode-vi MouseDragEnd1Pane send-keys -X copy-pipe-no-clear 'clip' \; display-message 'Copied to clipboard!'
|
||||
|
||||
bind K kill-pane
|
||||
bind C-S-k kill-window
|
||||
|
||||
# Activate OFF mode
|
||||
bind -n M-o \
|
||||
set prefix None \;\
|
||||
set key-table off \;\
|
||||
set -ag status-right " OFF"
|
||||
|
||||
# Disable OFF mode
|
||||
bind -T off M-O \
|
||||
set -u prefix \;\
|
||||
set -u key-table \;\
|
||||
source-file "$HOME/.config/tmux/tmux.conf"
|
||||
|
||||
# set -g @plugin 'tmux-plugins/tpm'
|
||||
# set -g @plugin 'tmux-plugins/tmux-resurrect'
|
||||
# set -g @plugin 'tmux-plugins/tmux-continuum'
|
||||
|
||||
# set -g @resurrect-capture-pane-contents 'on'
|
||||
# set -g @resurrect-processes 'helix hx vi vim nvim emacs man less more tail top htop btm irssi weechat mutt "git log" iex mix deno watchexec mosh-client ssh senpai broot nnn iex mix'
|
||||
|
||||
# bind A run-shell "#{@resurrect-save-script-path}"
|
||||
# bind L run-shell "#{@resurrect-restore-script-path}"
|
||||
|
||||
# set -g @continuum-restore 'on'
|
||||
# set -g @continuum-save-interval '120'
|
||||
'';
|
||||
};
|
||||
home.shellAliases = {
|
||||
t = "tmux";
|
||||
};
|
||||
}
|
|
@ -1,6 +1,6 @@
|
|||
{
|
||||
colors,
|
||||
font,
|
||||
pkgs,
|
||||
style,
|
||||
...
|
||||
}: {
|
||||
programs.waybar = {
|
||||
|
@ -10,38 +10,41 @@
|
|||
"layer" = "top";
|
||||
"position" = "bottom";
|
||||
"output" = ["eDP-1" "DP-3"];
|
||||
"height" = 32;
|
||||
"modules-left" = ["clock" "sway/window"];
|
||||
"modules-center" = ["sway/workspaces"];
|
||||
"modules-right" = [
|
||||
"mpris"
|
||||
"height" = 50;
|
||||
"modules-left" = [
|
||||
"idle_inhibitor"
|
||||
"bluetooth"
|
||||
# "wireplumber",
|
||||
"sway/workspaces"
|
||||
"sway/window"
|
||||
];
|
||||
"modules-center" = [];
|
||||
"modules-right" = [
|
||||
"privacy"
|
||||
"power-profiles-daemon"
|
||||
"mpris"
|
||||
## "disk"
|
||||
## TODO: will need a custom module for Disk IO
|
||||
|
||||
## "wireplumber" # pulseaudio module is more featureful
|
||||
"pulseaudio"
|
||||
# "network",
|
||||
"network"
|
||||
"cpu"
|
||||
"memory"
|
||||
# "temperature",
|
||||
"temperature"
|
||||
"backlight"
|
||||
"battery"
|
||||
|
||||
"bluetooth"
|
||||
"tray"
|
||||
"clock"
|
||||
];
|
||||
"bluetooth" = {
|
||||
"format" = "<span</span>";
|
||||
"format-connected" = "<span></span>";
|
||||
"format-connected-battery" = "<span></span>";
|
||||
# "format-device-preference" = [ "device1", "device2" ], # preference list deciding the displayed devic;
|
||||
"tooltip-format" = "{controller_alias}@{controller_address} ({num_connections} connected)";
|
||||
"tooltip-format-connected" = "{controller_alias}@{controller_address} ({num_connections} connected)\n{device_enumerate}";
|
||||
"tooltip-format-enumerate-connected" = "{device_alias}@{device_address}";
|
||||
"tooltip-format-enumerate-connected-battery" = "{device_alias}@{device_address} ( {device_battery_percentage}%)";
|
||||
"format" = "<span></span>";
|
||||
"on-click" = "${pkgs.blueman}/bin/blueman-manager";
|
||||
};
|
||||
"wireplumber" = {
|
||||
"format" = "{volume}% {icon}";
|
||||
"on-click" = "helvum";
|
||||
};
|
||||
# "wireplumber" = ;
|
||||
# "format" = "{volume}% {icon}";
|
||||
# "format-muted" = "";
|
||||
# "on-click" = "helvum;
|
||||
# },
|
||||
"sway/workspaces" = {
|
||||
"disable-scroll" = false;
|
||||
"persistent_workspaces" = {
|
||||
|
@ -59,31 +62,40 @@
|
|||
"tray" = {
|
||||
"icon-size" = 24;
|
||||
"spacing" = 4;
|
||||
"show-passive-items" = true;
|
||||
};
|
||||
"clock" = {
|
||||
"interval" = 1;
|
||||
"format" = "{:%a %b %d %H:%M:%S}";
|
||||
"format" = "{:%a %b %d\n%H:%M:%S}";
|
||||
"justify" = "center";
|
||||
};
|
||||
"cpu" = {
|
||||
"format" = "{usage} <span></span>";
|
||||
"format" = "{usage}%\nCPU";
|
||||
"tooltip" = true;
|
||||
"interval" = 3;
|
||||
"interval" = 5;
|
||||
"justify" = "center";
|
||||
};
|
||||
"memory" = {
|
||||
"format" = "{} ";
|
||||
"format" = "{}%\nRAM";
|
||||
"tooltip" = true;
|
||||
"interval" = 5;
|
||||
"justify" = "center";
|
||||
};
|
||||
"temperature" = {
|
||||
# "thermal-zone" = 2;
|
||||
# "hwmon-path" = "/sys/class/hwmon/hwmon2/temp1_input";
|
||||
/*
|
||||
"thermal-zone" = 2;
|
||||
"hwmon-path" = "/sys/class/hwmon/hwmon2/temp1_input";
|
||||
"format-critical" = "{temperatureC}°C {icon}";
|
||||
*/
|
||||
"critical-threshold" = 80;
|
||||
# "format-critical" = "{temperatureC}°C {icon}";
|
||||
"format" = "{temperatureC}°C {icon}";
|
||||
"format-icons" = ["" "" ""];
|
||||
"format" = "{temperatureC}\n°C";
|
||||
"justify" = "center";
|
||||
};
|
||||
"backlight" = {
|
||||
# "device" = "acpi_video1";
|
||||
"format" = "{percent}% {icon}";
|
||||
"format" = "{percent}%\n{icon}";
|
||||
"format-icons" = ["" ""];
|
||||
"justify" = "center";
|
||||
};
|
||||
"battery" = {
|
||||
"states" = {
|
||||
|
@ -91,55 +103,55 @@
|
|||
"warning" = 30;
|
||||
"critical" = 1;
|
||||
};
|
||||
"format" = "{capacity}% {icon}";
|
||||
"format-charging" = "{capacity}% ";
|
||||
"format-plugged" = "{capacity}% ";
|
||||
"format-alt" = "{time} {icon}";
|
||||
"format-good" = ""; # An empty format will hide the modul;
|
||||
"format-full" = "";
|
||||
"format-icons" = ["" "" "" "" ""];
|
||||
"tooltip-format" = "{timeTo}\n{power} watts\n{health}% health\n{cycles} cycles";
|
||||
"format" = "{icon}{capacity}%-\n{time}";
|
||||
"format-charging" = "{capacity}%+\n{time}";
|
||||
"format-plugged" = "{capacity}%=\n{time}";
|
||||
"format-alt" = "{capacity}%";
|
||||
"format-good" = ""; # An empty format will hide the module
|
||||
"format-time" = "{H}:{m}";
|
||||
"justify" = "center";
|
||||
};
|
||||
"network" = {
|
||||
"format-wifi" = "{essid} ({signalStrength}%) ";
|
||||
"format-ethernet" = "{ifname}: {ipaddr}/{cidr} ";
|
||||
"format-linked" = "{ifname} (No IP) ";
|
||||
"format-disconnected" = "Disconnected ⚠";
|
||||
"format-alt" = "{ifname}: {ipaddr}/{cidr}";
|
||||
"format-wifi" = "{bandwidthUpBits} up \n{bandwidthDownBits} down";
|
||||
"format-ethernet" = "{bandwidthUpBits} up \n{bandwidthDownBits} down";
|
||||
"format-linked" = "{bandwidthUpBits} up \n{bandwidthDownBits} down";
|
||||
"format-disconnected" = "No Network {icon}";
|
||||
"format-alt" = "{bandwidthUpBits} up \n{bandwidthDownBits} down";
|
||||
"interval" = 5;
|
||||
"justify" = "right";
|
||||
};
|
||||
"mpris" = {
|
||||
"format" = "{title} by {artist}";
|
||||
"format" = "{title}\nby {artist}";
|
||||
"title-len" = 64;
|
||||
"artist-len" = 61;
|
||||
"justify" = "center";
|
||||
};
|
||||
"pulseaudio" = {
|
||||
# "scroll-step" = 1, # %, can be a floa;
|
||||
"format" = "{volume} {icon} <span>{format_source}</span>";
|
||||
#"format" = "{volume}% {icon} {format_source}";
|
||||
#"format-bluetooth" = "{volume}% {icon} {format_source}";
|
||||
#"format-bluetooth-muted" = " {icon} {format_source}";
|
||||
#"format-muted" = " {format_source}";
|
||||
"format-muted" = " {format_source}";
|
||||
"format-source" = "";
|
||||
"format-source-muted" = "";
|
||||
"format-icons" = {
|
||||
"headphones" = "";
|
||||
"handsfree" = "";
|
||||
"headset" = "";
|
||||
"phone" = "";
|
||||
"portable" = "";
|
||||
"car" = "";
|
||||
"default" = ["" "" ""];
|
||||
};
|
||||
/*
|
||||
"scroll-step" = 1, # %, can be a floa;
|
||||
"format" = "{volume}% {icon} {format_source}";
|
||||
"format-muted" = " {format_source}";
|
||||
*/
|
||||
"format" = "{volume}%\n{format_source}";
|
||||
"format-muted" = "MUTE\n{format_source}";
|
||||
"format-bluetooth" = "{volume}%\n{format_source}";
|
||||
"format-bluetooth-muted" = "MUTE\n{format_source}";
|
||||
"format-source" = "MIC ON";
|
||||
"format-source-muted" = "MIC OFF";
|
||||
# TODO: toggle mute?
|
||||
"on-click" = "pavucontrol";
|
||||
"on-click" = "${pkgs.pavucontrol}/bin/pavucontrol";
|
||||
"justify" = "center";
|
||||
};
|
||||
};
|
||||
};
|
||||
style = let
|
||||
border-width = "0px";
|
||||
in
|
||||
with colors.withHashPrefix; ''
|
||||
with style.colors.withHashPrefix; ''
|
||||
* {
|
||||
border-radius: 0;
|
||||
font-family: "${font.name}", "Symbols Nerd Font Mono", sans-serif;
|
||||
font-family: "${style.font.name}", "Symbols Nerd Font Mono", sans-serif;
|
||||
font-size: 16px;
|
||||
}
|
||||
|
||||
|
|
|
@ -1,10 +0,0 @@
|
|||
{
|
||||
# font,
|
||||
# colors,
|
||||
...
|
||||
}: {
|
||||
programs.wezterm = {
|
||||
enable = true;
|
||||
extraConfig = builtins.readFile ./wezterm/config.lua;
|
||||
};
|
||||
}
|
|
@ -1,44 +1,34 @@
|
|||
local wezterm = require 'wezterm'
|
||||
|
||||
-- rough duplication of colors.nix and font values from flake.nix
|
||||
FONT = {
|
||||
name = "IosevkaLyteTerm";
|
||||
size = 12;
|
||||
}
|
||||
|
||||
COLORS = {
|
||||
};
|
||||
|
||||
local config = {}
|
||||
|
||||
if wezterm.config_builder then
|
||||
config = wezterm.config_builder()
|
||||
end
|
||||
|
||||
local font_spec = { family = FONT.name, weight = 'Medium', italic = false }
|
||||
local font_size = tostring(FONT.size);
|
||||
|
||||
local font = wezterm.font_with_fallback{
|
||||
font_spec,
|
||||
config.adjust_window_size_when_changing_font_size = false
|
||||
config.font = wezterm.font_with_fallback {
|
||||
{ family = "IosevkaLyteTerm", weight = 'Medium', italic = false },
|
||||
{ family = 'Symbols Nerd Font Mono', weight = 'Regular', italic = false },
|
||||
'Noto Color Emoji',
|
||||
}
|
||||
|
||||
-- config.disable_default_key_bindings = true
|
||||
config.default_cursor_style = 'BlinkingBar'
|
||||
|
||||
config.font = font
|
||||
config.font_size = font_size
|
||||
|
||||
config.hide_tab_bar_if_only_one_tab = true
|
||||
config.use_fancy_tab_bar = false
|
||||
config.tab_bar_at_bottom = false
|
||||
config.window_background_opacity = 1.0
|
||||
config.enable_kitty_keyboard = true
|
||||
|
||||
config.font_size = 12.0
|
||||
-- config.window_frame.font = config.font
|
||||
-- config.window_frame.font_size = font_size
|
||||
|
||||
config.default_cursor_style = 'BlinkingBar'
|
||||
-- config.disable_default_key_bindings = true
|
||||
config.hide_tab_bar_if_only_one_tab = true
|
||||
config.use_fancy_tab_bar = false
|
||||
config.tab_bar_at_bottom = true
|
||||
config.window_background_opacity = 1.0
|
||||
config.enable_kitty_keyboard = true
|
||||
config.show_new_tab_button_in_tab_bar = true
|
||||
config.notification_handling = "SuppressFromFocusedTab"
|
||||
|
||||
-- config.front_end = "WebGpu"
|
||||
-- config.webgpu_power_preference = 'HighPerformance'
|
||||
config.enable_wayland = true
|
||||
-- config.use_ime = true
|
||||
|
||||
local function tab_title(tab_info)
|
||||
local title = tab_info.tab_title
|
||||
if title and #title > 0 then
|
||||
|
@ -53,101 +43,8 @@ wezterm.on('format-tab-title', function (tab, _, _, _, _, max_width)
|
|||
return ' ' .. string.sub(title, 0, max_width - 2) .. ' '
|
||||
end)
|
||||
|
||||
-- TODO: port colors
|
||||
config.colors = {
|
||||
foreground = '${fg}',
|
||||
background = '${bg}',
|
||||
cursor_bg = '${text}',
|
||||
cursor_fg = '${bg}',
|
||||
cursor_border = '${text}',
|
||||
|
||||
selection_fg = '${bg}',
|
||||
selection_bg = '${yellow}',
|
||||
|
||||
scrollbar_thumb = '${bg2}',
|
||||
|
||||
split = '${bg5}',
|
||||
|
||||
ansi = {
|
||||
'${colors.withHashPrefix."0"}',
|
||||
'${colors.withHashPrefix."1"}',
|
||||
'${colors.withHashPrefix."2"}',
|
||||
'${colors.withHashPrefix."3"}',
|
||||
'${colors.withHashPrefix."4"}',
|
||||
'${colors.withHashPrefix."5"}',
|
||||
'${colors.withHashPrefix."6"}',
|
||||
'${colors.withHashPrefix."7"}',
|
||||
},
|
||||
brights = {
|
||||
'${colors.withHashPrefix."8"}',
|
||||
'${colors.withHashPrefix."9"}',
|
||||
'${colors.withHashPrefix."10"}',
|
||||
'${colors.withHashPrefix."11"}',
|
||||
'${colors.withHashPrefix."12"}',
|
||||
'${colors.withHashPrefix."13"}',
|
||||
'${colors.withHashPrefix."14"}',
|
||||
'${colors.withHashPrefix."15"}',
|
||||
},
|
||||
|
||||
tab_bar = {
|
||||
background = '${bg3}',
|
||||
|
||||
active_tab = {
|
||||
bg_color = '${primary}',
|
||||
fg_color = '${bg}',
|
||||
italic = false,
|
||||
},
|
||||
inactive_tab = {
|
||||
bg_color = '${bg2}',
|
||||
fg_color = '${fgdim}',
|
||||
italic = false,
|
||||
},
|
||||
inactive_tab_hover = {
|
||||
bg_color = '${bg3}',
|
||||
fg_color = '${primary}',
|
||||
italic = false,
|
||||
},
|
||||
new_tab = {
|
||||
bg_color = '${bg2}',
|
||||
fg_color = '${fgdim}',
|
||||
italic = false,
|
||||
},
|
||||
new_tab_hover = {
|
||||
bg_color = '${bg3}',
|
||||
fg_color = '${primary}',
|
||||
italic = false,
|
||||
},
|
||||
},
|
||||
|
||||
-- Arbitrary colors of the palette in the range from 16 to 255
|
||||
indexed = { [136] = '#af8700' },
|
||||
|
||||
-- Since: 20220319-142410-0fcdea07
|
||||
-- When the IME, a dead key or a leader key are being processed and are effectively
|
||||
-- holding input pending the result of input composition, change the cursor
|
||||
-- to this color to give a visual cue about the compose state.
|
||||
compose_cursor = 'orange',
|
||||
|
||||
-- Colors for copy_mode and quick_select
|
||||
-- available since: 20220807-113146-c2fee766
|
||||
-- In copy_mode, the color of the active text is:
|
||||
-- 1. copy_mode_active_highlight_* if additional text was selected using the mouse
|
||||
-- 2. selection_* otherwise
|
||||
copy_mode_active_highlight_bg = { Color = '#000000' },
|
||||
-- use `AnsiColor` to specify one of the ansi color palette values
|
||||
-- (index 0-15) using one of the names "Black", "Maroon", "Green",
|
||||
-- "Olive", "Navy", "Purple", "Teal", "Silver", "Grey", "Red", "Lime",
|
||||
-- "Yellow", "Blue", "Fuchsia", "Aqua" or "White".
|
||||
copy_mode_active_highlight_fg = { AnsiColor = 'Black' },
|
||||
copy_mode_inactive_highlight_bg = { Color = '#52ad70' },
|
||||
copy_mode_inactive_highlight_fg = { AnsiColor = 'White' },
|
||||
|
||||
quick_select_label_bg = { Color = 'peru' },
|
||||
quick_select_label_fg = { Color = '#ffffff' },
|
||||
quick_select_match_bg = { AnsiColor = 'Navy' },
|
||||
quick_select_match_fg = { Color = '#ffffff' },
|
||||
}
|
||||
|
||||
-- see nix module which has home manager create this color scheme file
|
||||
config.color_scheme = 'catppuccin-mocha-sapphire';
|
||||
|
||||
config.inactive_pane_hsb = {
|
||||
saturation = 0.8,
|
||||
|
@ -215,6 +112,16 @@ config.keys = {
|
|||
mods = 'CTRL|SHIFT',
|
||||
action = wezterm.action.ActivateCommandPalette
|
||||
},
|
||||
{
|
||||
key = 'w',
|
||||
mods = 'CTRL|SHIFT',
|
||||
action = wezterm.action.CloseCurrentPane { confirm = true },
|
||||
},
|
||||
{
|
||||
key = 'w',
|
||||
mods = 'CTRL|ALT|SHIFT',
|
||||
action = wezterm.action.CloseCurrentTab { confirm = true },
|
||||
},
|
||||
{
|
||||
key = 'l',
|
||||
mods = 'CTRL|SHIFT|ALT',
|
||||
|
|
|
@ -1,513 +0,0 @@
|
|||
{
|
||||
colors,
|
||||
lib,
|
||||
...
|
||||
}: {
|
||||
# zellij does not support modern terminal keyboard input:
|
||||
# https://github.com/zellij-org/zellij/issues/735
|
||||
programs.zellij = {
|
||||
# uses home manager's toKDL generator
|
||||
enable = true;
|
||||
# enableFishIntegration = true;
|
||||
settings = {
|
||||
pane_frames = false;
|
||||
simplified_ui = true;
|
||||
default_mode = "locked";
|
||||
mouse_mode = true;
|
||||
copy_clipboard = "primary";
|
||||
copy_on_select = true;
|
||||
mirror_session = false;
|
||||
|
||||
keybinds = with builtins; let
|
||||
binder = bind: let
|
||||
keys = elemAt bind 0;
|
||||
action = elemAt bind 1;
|
||||
argKeys = map (k: "\"${k}\"") (lib.lists.flatten [keys]);
|
||||
in {
|
||||
name = "bind ${concatStringsSep " " argKeys}";
|
||||
value = action;
|
||||
};
|
||||
layer = binds: (listToAttrs (map binder binds));
|
||||
in {
|
||||
# _props = {clear-defaults = true;};
|
||||
normal = {};
|
||||
locked = layer [
|
||||
[["Ctrl g"] {SwitchToMode = "Normal";}]
|
||||
[["Ctrl L"] {NewPane = "Right";}]
|
||||
[["Ctrl Z"] {NewPane = "Right";}]
|
||||
[["Ctrl J"] {NewPane = "Down";}]
|
||||
[["Ctrl h"] {MoveFocus = "Left";}]
|
||||
[["Ctrl l"] {MoveFocus = "Right";}]
|
||||
[["Ctrl j"] {MoveFocus = "Down";}]
|
||||
[["Ctrl k"] {MoveFocus = "Up";}]
|
||||
];
|
||||
resize = layer [
|
||||
[["Ctrl n"] {SwitchToMode = "Normal";}]
|
||||
[["h" "Left"] {Resize = "Increase Left";}]
|
||||
[["j" "Down"] {Resize = "Increase Down";}]
|
||||
[["k" "Up"] {Resize = "Increase Up";}]
|
||||
[["l" "Right"] {Resize = "Increase Right";}]
|
||||
[["H"] {Resize = "Decrease Left";}]
|
||||
[["J"] {Resize = "Decrease Down";}]
|
||||
[["K"] {Resize = "Decrease Up";}]
|
||||
[["L"] {Resize = "Decrease Right";}]
|
||||
[["=" "+"] {Resize = "Increase";}]
|
||||
[["-"] {Resize = "Decrease";}]
|
||||
];
|
||||
pane = layer [
|
||||
[["Ctrl p"] {SwitchToMode = "Normal";}]
|
||||
[["h" "Left"] {MoveFocus = "Left";}]
|
||||
[["l" "Right"] {MoveFocus = "Right";}]
|
||||
[["j" "Down"] {MoveFocus = "Down";}]
|
||||
[["k" "Up"] {MoveFocus = "Up";}]
|
||||
[["p"] {SwitchFocus = [];}]
|
||||
[
|
||||
["n"]
|
||||
{
|
||||
NewPane = [];
|
||||
SwitchToMode = "Normal";
|
||||
}
|
||||
]
|
||||
[
|
||||
["d"]
|
||||
{
|
||||
NewPane = "Down";
|
||||
SwitchToMode = "Normal";
|
||||
}
|
||||
]
|
||||
[
|
||||
["r"]
|
||||
{
|
||||
NewPane = "Right";
|
||||
SwitchToMode = "Normal";
|
||||
}
|
||||
]
|
||||
[
|
||||
["x"]
|
||||
{
|
||||
CloseFocus = [];
|
||||
SwitchToMode = "Normal";
|
||||
}
|
||||
]
|
||||
[
|
||||
["f"]
|
||||
{
|
||||
ToggleFocusFullscreen = [];
|
||||
SwitchToMode = "Normal";
|
||||
}
|
||||
]
|
||||
[
|
||||
["z"]
|
||||
{
|
||||
TogglePaneFrames = [];
|
||||
SwitchToMode = "Normal";
|
||||
}
|
||||
]
|
||||
[
|
||||
["w"]
|
||||
{
|
||||
ToggleFloatingPanes = [];
|
||||
SwitchToMode = "Normal";
|
||||
}
|
||||
]
|
||||
[
|
||||
["e"]
|
||||
{
|
||||
TogglePaneEmbedOrFloating = [];
|
||||
SwitchToMode = "Normal";
|
||||
}
|
||||
]
|
||||
[
|
||||
["c"]
|
||||
{
|
||||
SwitchToMode = "RenamePane";
|
||||
PaneNameInput = 0;
|
||||
}
|
||||
]
|
||||
];
|
||||
move = layer [
|
||||
[["Ctrl h"] {SwitchToMode = "Normal";}]
|
||||
[["n" "Tab"] {MovePane = [];}]
|
||||
[["p"] {MovePaneBackwards = [];}]
|
||||
[["h" "Left"] {MovePane = "Left";}]
|
||||
[["j" "Down"] {MovePane = "Down";}]
|
||||
[["k" "Up"] {MovePane = "Up";}]
|
||||
[["l" "Right"] {MovePane = "Right";}]
|
||||
];
|
||||
tab = layer [
|
||||
[["Ctrl t"] {SwitchToMode = "Normal";}]
|
||||
[
|
||||
["r"]
|
||||
{
|
||||
SwitchToMode = "RenameTab";
|
||||
TabNameInput = 0;
|
||||
}
|
||||
]
|
||||
[["h" "Left" "Up" "k"] {GoToPreviousTab = [];}]
|
||||
[["l" "Right" "Down" "j"] {GoToNextTab = [];}]
|
||||
[
|
||||
["n"]
|
||||
{
|
||||
NewTab = [];
|
||||
SwitchToMode = "Normal";
|
||||
}
|
||||
]
|
||||
[
|
||||
["x"]
|
||||
{
|
||||
CloseTab = [];
|
||||
SwitchToMode = "Normal";
|
||||
}
|
||||
]
|
||||
[
|
||||
["s"]
|
||||
{
|
||||
ToggleActiveSyncTab = [];
|
||||
SwitchToMode = "Normal";
|
||||
}
|
||||
]
|
||||
[
|
||||
["1"]
|
||||
{
|
||||
GoToTab = 1;
|
||||
SwitchToMode = "Normal";
|
||||
}
|
||||
]
|
||||
[
|
||||
["2"]
|
||||
{
|
||||
GoToTab = 2;
|
||||
SwitchToMode = "Normal";
|
||||
}
|
||||
]
|
||||
[
|
||||
["3"]
|
||||
{
|
||||
GoToTab = 3;
|
||||
SwitchToMode = "Normal";
|
||||
}
|
||||
]
|
||||
[
|
||||
["4"]
|
||||
{
|
||||
GoToTab = 4;
|
||||
SwitchToMode = "Normal";
|
||||
}
|
||||
]
|
||||
[
|
||||
["5"]
|
||||
{
|
||||
GoToTab = 5;
|
||||
SwitchToMode = "Normal";
|
||||
}
|
||||
]
|
||||
[
|
||||
["6"]
|
||||
{
|
||||
GoToTab = 6;
|
||||
SwitchToMode = "Normal";
|
||||
}
|
||||
]
|
||||
[
|
||||
["7"]
|
||||
{
|
||||
GoToTab = 7;
|
||||
SwitchToMode = "Normal";
|
||||
}
|
||||
]
|
||||
[
|
||||
["8"]
|
||||
{
|
||||
GoToTab = 8;
|
||||
SwitchToMode = "Normal";
|
||||
}
|
||||
]
|
||||
[
|
||||
["9"]
|
||||
{
|
||||
GoToTab = 9;
|
||||
SwitchToMode = "Normal";
|
||||
}
|
||||
]
|
||||
[["Tab"] {ToggleTab = [];}]
|
||||
];
|
||||
scroll = layer [
|
||||
[["Ctrl s"] {SwitchToMode = "Normal";}]
|
||||
[
|
||||
["e"]
|
||||
{
|
||||
EditScrollback = [];
|
||||
SwitchToMode = "Normal";
|
||||
}
|
||||
]
|
||||
[
|
||||
["s"]
|
||||
{
|
||||
SwitchToMode = "EnterSearch";
|
||||
SearchInput = 0;
|
||||
}
|
||||
]
|
||||
[
|
||||
["Ctrl c"]
|
||||
{
|
||||
ScrollToBottom = [];
|
||||
SwitchToMode = "Normal";
|
||||
}
|
||||
]
|
||||
[["j" "Down"] {ScrollDown = [];}]
|
||||
[["k" "Up"] {ScrollUp = [];}]
|
||||
[["Ctrl f" "PageDown" "Right" "l"] {PageScrollDown = [];}]
|
||||
[["Ctrl b" "PageUp" "Left" "h"] {PageScrollUp = [];}]
|
||||
[["d"] {HalfPageScrollDown = [];}]
|
||||
[["u"] {HalfPageScrollUp = [];}]
|
||||
# uncomment this and adjust key if using copy_on_select=false
|
||||
# bind "Alt c" { Copy; }
|
||||
];
|
||||
search = layer [
|
||||
[["Ctrl s"] {SwitchToMode = "Normal";}]
|
||||
[
|
||||
["Ctrl c"]
|
||||
{
|
||||
ScrollToBottom = [];
|
||||
SwitchToMode = "Normal";
|
||||
}
|
||||
]
|
||||
[["j" "Down"] {ScrollDown = [];}]
|
||||
[["k" "Up"] {ScrollUp = [];}]
|
||||
[["Ctrl f" "PageDown" "Right" "l"] {PageScrollDown = [];}]
|
||||
[["Ctrl b" "PageUp" "Left" "h"] {PageScrollUp = [];}]
|
||||
[["d"] {HalfPageScrollDown = [];}]
|
||||
[["u"] {HalfPageScrollUp = [];}]
|
||||
[["n"] {Search = "down";}]
|
||||
[["p"] {Search = "up";}]
|
||||
[["c"] {SearchToggleOption = "CaseSensitivity";}]
|
||||
[["w"] {SearchToggleOption = "Wrap";}]
|
||||
[["o"] {SearchToggleOption = "WholeWord";}]
|
||||
];
|
||||
entersearch = layer [
|
||||
[["Ctrl c" "Esc"] {SwitchToMode = "Scroll";}]
|
||||
[["Enter"] {SwitchToMode = "Search";}]
|
||||
];
|
||||
renametab = layer [
|
||||
[["Ctrl c"] {SwitchToMode = "Normal";}]
|
||||
[
|
||||
["Esc"]
|
||||
{
|
||||
UndoRenameTab = [];
|
||||
SwitchToMode = "Tab";
|
||||
}
|
||||
]
|
||||
];
|
||||
renamepane = layer [
|
||||
[["Ctrl c"] {SwitchToMode = "Normal";}]
|
||||
[
|
||||
["Esc"]
|
||||
{
|
||||
UndoRenamePane = [];
|
||||
SwitchToMode = "Pane";
|
||||
}
|
||||
]
|
||||
];
|
||||
session = layer [
|
||||
[["Ctrl o"] {SwitchToMode = "Normal";}]
|
||||
[["Ctrl s"] {SwitchToMode = "Scroll";}]
|
||||
[["d"] {Detach = [];}]
|
||||
];
|
||||
tmux = layer [
|
||||
[["["] {SwitchToMode = "Scroll";}]
|
||||
[
|
||||
["Ctrl b"]
|
||||
{
|
||||
Write = 2;
|
||||
SwitchToMode = "Normal";
|
||||
}
|
||||
]
|
||||
[
|
||||
["\\\""]
|
||||
{
|
||||
NewPane = "Down";
|
||||
SwitchToMode = "Normal";
|
||||
}
|
||||
]
|
||||
[
|
||||
["%"]
|
||||
{
|
||||
NewPane = "Right";
|
||||
SwitchToMode = "Normal";
|
||||
}
|
||||
]
|
||||
[
|
||||
["z"]
|
||||
{
|
||||
ToggleFocusFullscreen = [];
|
||||
SwitchToMode = "Normal";
|
||||
}
|
||||
]
|
||||
[
|
||||
["c"]
|
||||
{
|
||||
NewTab = [];
|
||||
SwitchToMode = "Normal";
|
||||
}
|
||||
]
|
||||
[[","] {SwitchToMode = "RenameTab";}]
|
||||
[
|
||||
["p"]
|
||||
{
|
||||
GoToPreviousTab = [];
|
||||
SwitchToMode = "Normal";
|
||||
}
|
||||
]
|
||||
[
|
||||
["n"]
|
||||
{
|
||||
GoToNextTab = [];
|
||||
SwitchToMode = "Normal";
|
||||
}
|
||||
]
|
||||
[
|
||||
["Left"]
|
||||
{
|
||||
MoveFocus = "Left";
|
||||
SwitchToMode = "Normal";
|
||||
}
|
||||
]
|
||||
[
|
||||
["Right"]
|
||||
{
|
||||
MoveFocus = "Right";
|
||||
SwitchToMode = "Normal";
|
||||
}
|
||||
]
|
||||
[
|
||||
["Down"]
|
||||
{
|
||||
MoveFocus = "Down";
|
||||
SwitchToMode = "Normal";
|
||||
}
|
||||
]
|
||||
[
|
||||
["Up"]
|
||||
{
|
||||
MoveFocus = "Up";
|
||||
SwitchToMode = "Normal";
|
||||
}
|
||||
]
|
||||
[
|
||||
["h"]
|
||||
{
|
||||
MoveFocus = "Left";
|
||||
SwitchToMode = "Normal";
|
||||
}
|
||||
]
|
||||
[
|
||||
["l"]
|
||||
{
|
||||
MoveFocus = "Right";
|
||||
SwitchToMode = "Normal";
|
||||
}
|
||||
]
|
||||
[
|
||||
["j"]
|
||||
{
|
||||
MoveFocus = "Down";
|
||||
SwitchToMode = "Normal";
|
||||
}
|
||||
]
|
||||
[
|
||||
["k"]
|
||||
{
|
||||
MoveFocus = "Up";
|
||||
SwitchToMode = "Normal";
|
||||
}
|
||||
]
|
||||
[["o"] {FocusNextPane = [];}]
|
||||
[["d"] {Detach = [];}]
|
||||
[["Space"] {NextSwapLayout = [];}]
|
||||
[
|
||||
["x"]
|
||||
{
|
||||
CloseFocus = [];
|
||||
SwitchToMode = "Normal";
|
||||
}
|
||||
]
|
||||
];
|
||||
"shared_except \"locked\"" = layer [
|
||||
[["Ctrl g"] {SwitchToMode = "Locked";}]
|
||||
[["Ctrl q"] {Quit = [];}]
|
||||
[["Alt n"] {NewPane = [];}]
|
||||
[["Alt h" "Alt Left"] {MoveFocusOrTab = "Left";}]
|
||||
[["Alt l" "Alt Right"] {MoveFocusOrTab = "Right";}]
|
||||
[["Alt j" "Alt Down"] {MoveFocus = "Down";}]
|
||||
[["Alt k" "Alt Up"] {MoveFocus = "Up";}]
|
||||
[["Alt ]" "Alt +"] {Resize = "Increase";}]
|
||||
[["Alt -"] {Resize = "Decrease";}]
|
||||
[["Alt ["] {PreviousSwapLayout = [];}]
|
||||
[["Alt ]"] {NextSwapLayout = [];}]
|
||||
];
|
||||
"shared_except \"normal\" \"locked\"" = layer [
|
||||
[["Enter" "Esc"] {SwitchToMode = "Normal";}]
|
||||
];
|
||||
"shared_except \"pane\" \"locked\"" = layer [
|
||||
[["Ctrl p"] {SwitchToMode = "Pane";}]
|
||||
];
|
||||
"shared_except \"resize\" \"locked\"" = layer [
|
||||
[["Ctrl n"] {SwitchToMode = "Resize";}]
|
||||
];
|
||||
"shared_except \"scroll\" \"locked\"" = layer [
|
||||
[["Ctrl s"] {SwitchToMode = "Scroll";}]
|
||||
];
|
||||
"shared_except \"session\" \"locked\"" = layer [
|
||||
[["Ctrl o"] {SwitchToMode = "Session";}]
|
||||
];
|
||||
"shared_except \"tab\" \"locked\"" = layer [
|
||||
[["Ctrl t"] {SwitchToMode = "Tab";}]
|
||||
];
|
||||
"shared_except \"move\" \"locked\"" = layer [
|
||||
[["Ctrl h"] {SwitchToMode = "Move";}]
|
||||
];
|
||||
"shared_except \"tmux\" \"locked\"" = layer [
|
||||
[["Ctrl b"] {SwitchToMode = "Tmux";}]
|
||||
];
|
||||
};
|
||||
|
||||
default_layout = "compact";
|
||||
theme = "match";
|
||||
|
||||
themes = {
|
||||
match = with colors.withHashPrefix; {
|
||||
fg = fg;
|
||||
bg = bg;
|
||||
|
||||
black = bg;
|
||||
white = fg;
|
||||
|
||||
red = red;
|
||||
green = green;
|
||||
yellow = yellow;
|
||||
blue = blue;
|
||||
magenta = purple;
|
||||
cyan = blue;
|
||||
orange = orange;
|
||||
};
|
||||
};
|
||||
# TODO: port config
|
||||
|
||||
plugins = {
|
||||
# tab-bar = {path = "tab-bar";};
|
||||
# compact-bar = {path = "compact-bar";};
|
||||
};
|
||||
|
||||
ui = {
|
||||
pane_frames = {
|
||||
rounded_corners = true;
|
||||
hide_session_name = true;
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
home.shellAliases = {
|
||||
z = "zellij";
|
||||
};
|
||||
}
|
|
@ -1,257 +0,0 @@
|
|||
{
|
||||
config,
|
||||
lib,
|
||||
inputs,
|
||||
colors,
|
||||
# outputs,
|
||||
system,
|
||||
pkgs,
|
||||
...
|
||||
}: {
|
||||
networking.hostName = lib.mkDefault "nixoslyte";
|
||||
|
||||
imports = [
|
||||
inputs.home-manager.nixosModules.home-manager
|
||||
];
|
||||
|
||||
hardware.enableRedistributableFirmware = true;
|
||||
|
||||
services.journald.extraConfig = "SystemMaxUse=1G";
|
||||
|
||||
environment = {
|
||||
variables = {
|
||||
EDITOR = "hx";
|
||||
VISUAL = "hx";
|
||||
PAGER = "less";
|
||||
MANPAGER = "less";
|
||||
};
|
||||
|
||||
systemPackages = with pkgs;
|
||||
[
|
||||
# age
|
||||
# bat
|
||||
# bc
|
||||
# bind
|
||||
# bottom
|
||||
# btrfs-progs
|
||||
# cue
|
||||
curl
|
||||
# dogdns
|
||||
dua
|
||||
eza
|
||||
fd
|
||||
file
|
||||
fzf
|
||||
gnumake
|
||||
# gron
|
||||
# hexyl
|
||||
iputils
|
||||
# jq
|
||||
killall
|
||||
less
|
||||
mosh
|
||||
# nmap
|
||||
nettools
|
||||
openssl
|
||||
# pciutils
|
||||
# pv
|
||||
# rclone
|
||||
# restic
|
||||
ripgrep
|
||||
rsync
|
||||
# rtx
|
||||
sd
|
||||
# sops
|
||||
smartmontools
|
||||
# sqlite
|
||||
# skim
|
||||
# sysstat
|
||||
unzip
|
||||
# usbutils
|
||||
# watchexec
|
||||
wget
|
||||
# xh
|
||||
zellij
|
||||
# zstd
|
||||
]
|
||||
++ (with inputs.home-manager.packages.${system}; [
|
||||
home-manager
|
||||
])
|
||||
++ (with inputs.helix.packages.${system}; [
|
||||
helix
|
||||
]);
|
||||
};
|
||||
|
||||
users.groups.daniel = {};
|
||||
|
||||
users.users = {
|
||||
daniel = {
|
||||
isNormalUser = true;
|
||||
home = "/home/daniel/.home";
|
||||
createHome = true;
|
||||
openssh.authorizedKeys.keys = [
|
||||
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAPLXOjupz3ScYjgrF+ehrbp9OvGAWQLI6fplX6w9Ijb daniel@lyte.dev"
|
||||
];
|
||||
group = "daniel";
|
||||
extraGroups = ["users" "wheel" "video" "dialout" "uucp"];
|
||||
packages = [];
|
||||
};
|
||||
|
||||
root = {
|
||||
openssh.authorizedKeys.keys = config.users.users.daniel.openssh.authorizedKeys.keys;
|
||||
};
|
||||
};
|
||||
|
||||
i18n = {
|
||||
defaultLocale = "en_US.UTF-8";
|
||||
};
|
||||
|
||||
services = {
|
||||
xserver = {
|
||||
layout = "us";
|
||||
xkbOptions = "ctrl:nocaps";
|
||||
};
|
||||
|
||||
openssh = {
|
||||
enable = true;
|
||||
|
||||
settings = {
|
||||
PasswordAuthentication = false;
|
||||
};
|
||||
|
||||
openFirewall = lib.mkDefault false;
|
||||
|
||||
# listenAddresses = [
|
||||
# { addr = "0.0.0.0"; port = 22; }
|
||||
# ];
|
||||
};
|
||||
|
||||
tailscale = {
|
||||
enable = true;
|
||||
useRoutingFeatures = lib.mkDefault "client";
|
||||
};
|
||||
|
||||
fwupd.enable = true;
|
||||
smartd.enable = true;
|
||||
};
|
||||
|
||||
console = {
|
||||
font = "Lat2-Terminus16";
|
||||
useXkbConfig = true;
|
||||
earlySetup = true;
|
||||
|
||||
colors = with colors; [
|
||||
bg
|
||||
red
|
||||
green
|
||||
orange
|
||||
blue
|
||||
purple
|
||||
yellow
|
||||
fg3
|
||||
fgdim
|
||||
red
|
||||
green
|
||||
orange
|
||||
blue
|
||||
purple
|
||||
yellow
|
||||
fg
|
||||
];
|
||||
};
|
||||
|
||||
networking = {
|
||||
useDHCP = lib.mkDefault true;
|
||||
|
||||
firewall = {
|
||||
enable = lib.mkDefault true;
|
||||
allowPing = lib.mkDefault true;
|
||||
allowedTCPPorts = lib.mkDefault [];
|
||||
allowedUDPPorts = lib.mkDefault [];
|
||||
};
|
||||
|
||||
# TODO: podman equivalent?
|
||||
extraHosts = ''
|
||||
::1 host.docker.internal
|
||||
127.0.0.1 host.docker.internal
|
||||
'';
|
||||
};
|
||||
|
||||
nix = {
|
||||
settings = {
|
||||
trusted-users = ["root" "daniel"];
|
||||
experimental-features = lib.mkDefault ["nix-command" "flakes"];
|
||||
substituters = [
|
||||
"https://cache.nixos.org/"
|
||||
"https://helix.cachix.org"
|
||||
"https://nix-community.cachix.org"
|
||||
"https://nix.h.lyte.dev"
|
||||
];
|
||||
trusted-public-keys = [
|
||||
"cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY="
|
||||
"helix.cachix.org-1:ejp9KQpR1FBI2onstMQ34yogDm4OgU2ru6lIwPvuCVs="
|
||||
"nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
|
||||
"h.lyte.dev:HeVWtne31ZG8iMf+c15VY3/Mky/4ufXlfTpT8+4Xbs0="
|
||||
];
|
||||
};
|
||||
|
||||
registry = {
|
||||
self.flake = inputs.self;
|
||||
|
||||
nixpkgs = {
|
||||
from = {
|
||||
id = "nixpkgs";
|
||||
type = "indirect";
|
||||
};
|
||||
flake = inputs.nixpkgs;
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
nixpkgs = {
|
||||
config = {
|
||||
allowUnfree = true;
|
||||
};
|
||||
hostPlatform = lib.mkDefault "x86_64-linux";
|
||||
};
|
||||
|
||||
programs = {
|
||||
fish = {
|
||||
enable = true;
|
||||
};
|
||||
|
||||
tmux = {
|
||||
enable = true;
|
||||
clock24 = true;
|
||||
};
|
||||
|
||||
traceroute.enable = true;
|
||||
|
||||
git = {
|
||||
enable = true;
|
||||
package = pkgs.gitFull;
|
||||
|
||||
lfs = {
|
||||
enable = true;
|
||||
};
|
||||
};
|
||||
|
||||
# https://github.com/nix-community/home-manager/issues/3113
|
||||
dconf.enable = true;
|
||||
};
|
||||
|
||||
time = {
|
||||
timeZone = "America/Chicago";
|
||||
};
|
||||
|
||||
users = {
|
||||
defaultUserShell = pkgs.fish;
|
||||
};
|
||||
|
||||
# TODO: should not be in common?
|
||||
# services.udev.extraRules = ''
|
||||
# # https://betaflight.com/docs/wiki/archive/Installing-Betaflight#step-1
|
||||
# # ACTION=="add", SUBSYSTEM=="usb", ATTRS{idVendor}=="2e3c", ATTRS{idProduct}=="df11", MODE="0664", GROUP="uucp"
|
||||
# # ACTION=="add", SUBSYSTEM=="usb", ATTRS{idVendor}=="0483", ATTRS{idProduct}=="df11", MODE="0664", GROUP="uucp"'
|
||||
# '';
|
||||
}
|
File diff suppressed because it is too large
Load diff
93
modules/nixos/deno-netlify-ddns-client.nix
Normal file
93
modules/nixos/deno-netlify-ddns-client.nix
Normal file
|
@ -0,0 +1,93 @@
|
|||
{
|
||||
lib,
|
||||
config,
|
||||
pkgs,
|
||||
...
|
||||
}: let
|
||||
inherit (lib) mkEnableOption mkOption types mkIf;
|
||||
inherit (lib.strings) optionalString;
|
||||
cfg = config.services.deno-netlify-ddns-client;
|
||||
in {
|
||||
options.services.deno-netlify-ddns-client = {
|
||||
enable = mkEnableOption "Enable the deno-netlify-ddns client.";
|
||||
username = mkOption {
|
||||
type = types.str;
|
||||
};
|
||||
passwordFile = mkOption {
|
||||
type = types.str;
|
||||
};
|
||||
endpoint = mkOption {
|
||||
type = types.str;
|
||||
default = "https://netlify-ddns.deno.dev";
|
||||
};
|
||||
ipv4 = mkOption {
|
||||
type = types.bool;
|
||||
default = true;
|
||||
};
|
||||
ipv6 = mkOption {
|
||||
type = types.bool;
|
||||
default = true;
|
||||
};
|
||||
requestTimeout = mkOption {
|
||||
type = types.int;
|
||||
description = "The maximum number of seconds before the HTTP request times out.";
|
||||
default = 180;
|
||||
};
|
||||
afterBootTime = mkOption {
|
||||
type = types.str;
|
||||
description = "A systemd.timers timespan. This option corresponds to the OnBootSec field in the timerConfig.";
|
||||
default = "5m";
|
||||
};
|
||||
every = mkOption {
|
||||
type = types.str;
|
||||
description = "A systemd.timers timespan. This option corresponds to the OnUnitActiveSec field in the timerConfig.";
|
||||
default = "5m";
|
||||
};
|
||||
};
|
||||
|
||||
config = {
|
||||
systemd.timers.deno-netlify-ddns-client = {
|
||||
enable = mkIf cfg.enable true;
|
||||
after = ["network.target"];
|
||||
wantedBy = ["timers.target"];
|
||||
timerConfig = {
|
||||
OnBootSec = cfg.afterBootTime;
|
||||
OnUnitActiveSec = cfg.every;
|
||||
Unit = "deno-netlify-ddns-client.service";
|
||||
};
|
||||
};
|
||||
|
||||
systemd.services.deno-netlify-ddns-client = {
|
||||
enable = mkIf cfg.enable true;
|
||||
after = ["network.target"];
|
||||
script = ''
|
||||
set -eu
|
||||
password="$(cat "${cfg.passwordFile}")"
|
||||
${optionalString cfg.ipv4 ''
|
||||
"${pkgs.curl}/bin/curl" -4 -s \
|
||||
-vvv \
|
||||
-X POST \
|
||||
--max-time ${toString cfg.requestTimeout} \
|
||||
-u "${cfg.username}:''${password}" \
|
||||
-L "${cfg.endpoint}/v1/netlify-ddns/replace-all-relevant-user-dns-records" 2>&1 \
|
||||
| "${pkgs.sd}/bin/sd" --fixed-strings "''${password}" "[REDACTED]" \
|
||||
| "${pkgs.sd}/bin/sd" -f i "Authorization: .*" "Authorization: [REST OF LINE REDACTED]"
|
||||
''}
|
||||
${optionalString cfg.ipv6 ''
|
||||
${pkgs.curl}/bin/curl -6 -s \
|
||||
-vvv \
|
||||
-X POST \
|
||||
--max-time ${toString cfg.requestTimeout} \
|
||||
-u "${cfg.username}:''${password}" \
|
||||
-L "${cfg.endpoint}/v1/netlify-ddns/replace-all-relevant-user-dns-records" 2>&1 \
|
||||
| "${pkgs.sd}/bin/sd" --fixed-strings "''${password}" "[REDACTED]" \
|
||||
| "${pkgs.sd}/bin/sd" -f i "Authorization: .*" "Authorization: [REST OF LINE REDACTED]"
|
||||
''}
|
||||
'';
|
||||
serviceConfig = {
|
||||
Type = "oneshot";
|
||||
User = "root";
|
||||
};
|
||||
};
|
||||
};
|
||||
}
|
|
@ -1,156 +0,0 @@
|
|||
{
|
||||
pkgs,
|
||||
inputs,
|
||||
outputs,
|
||||
system,
|
||||
...
|
||||
}: {
|
||||
imports = [
|
||||
./sway.nix
|
||||
# ./hyprland.nix
|
||||
# ./plasma.nix
|
||||
# ./gnome.nix
|
||||
./user-installed-applications.nix
|
||||
./kde-connect.nix
|
||||
];
|
||||
|
||||
nixpkgs.overlays = [outputs.overlays.modifications];
|
||||
|
||||
# fonts.packages if unstable?
|
||||
fonts.packages = with pkgs;
|
||||
[
|
||||
(nerdfonts.override {fonts = ["NerdFontsSymbolsOnly"];})
|
||||
]
|
||||
++ (with inputs.nixpkgs.legacyPackages.${system}; [
|
||||
(iosevka.override {
|
||||
set = "lyteterm";
|
||||
privateBuildPlan = ''
|
||||
[buildPlans.iosevka-lyteterm]
|
||||
family = "IosevkaLyteTerm"
|
||||
spacing = "fontconfig-mono"
|
||||
serifs = "sans"
|
||||
export-glyph-names = true
|
||||
|
||||
[buildPlans.iosevka-lyteterm.ligations]
|
||||
inherits = "dlig"
|
||||
disables = [ "exeqeqeq", "exeqeq", "exeqeq-dl", "exeq", "ineq", "connected-underscore", "connected-tilde-as-wave" ]
|
||||
|
||||
[buildPlans.iosevka-lyteterm.weights.regular]
|
||||
shape = 400
|
||||
menu = 400
|
||||
css = 400
|
||||
|
||||
[buildPlans.iosevka-lyteterm.weights.book]
|
||||
shape = 450
|
||||
menu = 450
|
||||
css = 450
|
||||
|
||||
[buildPlans.iosevka-lyteterm.weights.bold]
|
||||
shape = 700
|
||||
menu = 700
|
||||
css = 700
|
||||
|
||||
[buildPlans.iosevka-lyteterm.weights.black]
|
||||
shape = 900
|
||||
menu = 900
|
||||
css = 900
|
||||
|
||||
# [[buildPlans.iosevka-lyteterm.compatibility-ligatures]]
|
||||
# unicode = 57600 # 0xE100
|
||||
# featureTag = 'calt'
|
||||
# kequence = '<*>'
|
||||
|
||||
[buildPlans.iosevka-lyteterm.variants]
|
||||
inherits = "ss01"
|
||||
|
||||
[buildPlans.iosevka-lyteterm.variants.design]
|
||||
capital-a = 'curly-serifless'
|
||||
capital-b = 'standard-interrupted-serifless'
|
||||
capital-c = 'unilateral-inward-serifed'
|
||||
capital-d = 'standard-serifless'
|
||||
capital-g = 'toothless-rounded-inward-serifed-hooked'
|
||||
capital-i = 'serifed'
|
||||
capital-j = 'serifed'
|
||||
capital-k = 'curly-serifless'
|
||||
capital-l = 'motion-serifed'
|
||||
capital-m = 'hanging-serifless'
|
||||
capital-n = 'asymmetric-serifless'
|
||||
capital-p = 'open-serifless'
|
||||
capital-q = 'crossing'
|
||||
capital-r = 'standing-open-serifless'
|
||||
capital-s = 'unilateral-inward-serifed'
|
||||
capital-t = 'motion-serifed'
|
||||
capital-u = 'toothless-corner-serifless'
|
||||
capital-v = 'curly-serifless'
|
||||
capital-w = 'curly-serifless'
|
||||
capital-x = 'curly-serifless'
|
||||
capital-y = 'curly-base-serifed'
|
||||
capital-z = 'curly-top-serifed-with-crossbar'
|
||||
a = 'double-storey-toothless-corner'
|
||||
b = 'toothless-corner-serifless'
|
||||
c = 'unilateral-inward-serifed'
|
||||
d = 'toothless-corner-serifless'
|
||||
e = 'flat-crossbar'
|
||||
f = 'tailed'
|
||||
g = 'double-storey-open'
|
||||
# g = 'single-storey-earless-corner-flat-hook'
|
||||
h = 'straight-serifless'
|
||||
i = 'tailed-serifed'
|
||||
j = 'serifed'
|
||||
k = 'curly-serifless'
|
||||
l = 'tailed-serifed'
|
||||
m = 'earless-corner-double-arch-serifless'
|
||||
n = 'earless-corner-straight-serifless'
|
||||
p = 'earless-corner-serifless'
|
||||
q = 'earless-corner-diagonal-tailed-serifless'
|
||||
r = 'earless-corner-serifless'
|
||||
s = 'unilateral-inward-serifed'
|
||||
t = 'bent-hook-asymmetric'
|
||||
u = 'toothless-corner-serifless'
|
||||
v = 'curly-serifless'
|
||||
w = 'curly-serifless'
|
||||
x = 'curly-serifless'
|
||||
y = 'curly-turn-serifless'
|
||||
z = 'curly-top-serifed-with-crossbar'
|
||||
# cyrl-capital-ze = 'unilateral-inward-serifed'
|
||||
zero = 'reverse-slashed-split'
|
||||
one = 'base'
|
||||
two = 'curly-neck'
|
||||
three = 'two-arcs'
|
||||
four = 'semi-open-non-crossing'
|
||||
# five = 'vertical-upper-left-bar'
|
||||
five = 'upright-flat'
|
||||
six = 'straight-bar'
|
||||
seven = 'curly-serifed-crossbar'
|
||||
eight = 'two-circles'
|
||||
nine = 'straight-bar'
|
||||
tilde = 'low'
|
||||
asterisk = 'penta-low'
|
||||
underscore = 'above-baseline'
|
||||
pilcrow = 'low'
|
||||
caret = 'low'
|
||||
paren = 'flat-arc'
|
||||
brace = 'curly-flat-boundary'
|
||||
number-sign = 'upright-open'
|
||||
ampersand = 'upper-open'
|
||||
at = 'compact'
|
||||
dollar = 'interrupted'
|
||||
cent = 'open'
|
||||
percent = 'rings-segmented-slash'
|
||||
bar = 'force-upright'
|
||||
ascii-single-quote = 'raised-comma'
|
||||
ascii-grave = 'straight'
|
||||
question = 'smooth'
|
||||
punctuation-dot = 'round'
|
||||
'';
|
||||
})
|
||||
]);
|
||||
|
||||
hardware = {
|
||||
opengl = {
|
||||
enable = true;
|
||||
driSupport32Bit = true;
|
||||
driSupport = true;
|
||||
};
|
||||
};
|
||||
}
|
|
@ -1,3 +0,0 @@
|
|||
{pkgs, ...}: {
|
||||
environment.systemPackages = with pkgs; [eww-wayland];
|
||||
}
|
|
@ -1,21 +1,31 @@
|
|||
{pkgs, ...}: {
|
||||
{
|
||||
pkgs,
|
||||
lib,
|
||||
...
|
||||
}: {
|
||||
imports = [./pipewire.nix];
|
||||
|
||||
services.xserver.enable = true;
|
||||
# mkForce is used liberally to take precedence over KDE Plasma
|
||||
# so I can have both "usable" at once
|
||||
|
||||
services.xserver.enable = lib.mkDefault true;
|
||||
services.xserver.displayManager.gdm = {
|
||||
enable = true;
|
||||
enable = lib.mkForce true; # take precedence over KDE's SDDM
|
||||
};
|
||||
services.displayManager.execCmd = lib.mkForce "exec ${pkgs.gnome.gdm}/bin/gdm";
|
||||
services.displayManager.defaultSession = lib.mkForce "gnome";
|
||||
programs.ssh.askPassword = "${pkgs.gnome.seahorse}/libexec/seahorse/ssh-askpass";
|
||||
|
||||
hardware.pulseaudio.enable = false;
|
||||
|
||||
services.xserver.desktopManager.gnome = {
|
||||
enable = true;
|
||||
};
|
||||
enable = lib.mkDefault true;
|
||||
|
||||
programs.gnupg.agent = {
|
||||
enable = true;
|
||||
pinentryFlavor = "gnome3";
|
||||
enableSSHSupport = true;
|
||||
extraGSettingsOverridePackages = [pkgs.gnome.mutter];
|
||||
extraGSettingsOverrides = ''
|
||||
[org.gnome.mutter]
|
||||
experimental-features=['scale-monitor-framebuffer']
|
||||
'';
|
||||
};
|
||||
|
||||
xdg.portal = {
|
||||
|
@ -30,45 +40,44 @@
|
|||
|
||||
environment = {
|
||||
variables = {
|
||||
GTK_THEME = "Catppuccin-Mocha-Compact-Sapphire-Dark";
|
||||
VISUAL = "hx";
|
||||
PAGER = "less";
|
||||
MANPAGER = "less";
|
||||
};
|
||||
|
||||
systemPackages = with pkgs; [
|
||||
gnome.gnome-power-manager
|
||||
brightnessctl
|
||||
feh
|
||||
# gimp
|
||||
grim
|
||||
# inkscape
|
||||
# krita
|
||||
libinput
|
||||
libinput-gestures
|
||||
libnotify
|
||||
# lutris
|
||||
# nil
|
||||
# nixpkgs-fmt
|
||||
noto-fonts
|
||||
pamixer
|
||||
# pavucontrol
|
||||
playerctl
|
||||
# pulseaudio
|
||||
pulsemixer
|
||||
# rclone
|
||||
# restic
|
||||
slurp
|
||||
# steam
|
||||
swaybg
|
||||
swayidle
|
||||
swaylock
|
||||
# vlc
|
||||
# vulkan-tools
|
||||
waybar
|
||||
# weechat
|
||||
# wine
|
||||
wl-clipboard
|
||||
zathura
|
||||
/*
|
||||
gimp
|
||||
inkscape
|
||||
krita
|
||||
pavucontrol
|
||||
pulseaudio
|
||||
rclone
|
||||
restic
|
||||
steam
|
||||
vlc
|
||||
vulkan-tools
|
||||
weechat
|
||||
wine
|
||||
*/
|
||||
];
|
||||
};
|
||||
}
|
||||
|
|
|
@ -1,9 +0,0 @@
|
|||
{
|
||||
outputs,
|
||||
pkgs,
|
||||
...
|
||||
}: {
|
||||
imports = [outputs.nixosModules.ewwbar outputs.nixosModules.pipewire];
|
||||
programs.hyprland.enable = true;
|
||||
environment.systemPackages = with pkgs; [hyprpaper];
|
||||
}
|
|
@ -1,25 +0,0 @@
|
|||
{
|
||||
lib,
|
||||
config,
|
||||
pkgs,
|
||||
...
|
||||
}: {
|
||||
nixpkgs.config = {
|
||||
packageOverrides = pkgs: {
|
||||
vaapiIntel = pkgs.vaapiIntel.override {enableHybridCodec = true;};
|
||||
};
|
||||
};
|
||||
|
||||
hardware = {
|
||||
cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
|
||||
|
||||
opengl = {
|
||||
extraPackages = with pkgs; [
|
||||
intel-media-driver # LIBVA_DRIVER_NAME=iHD
|
||||
vaapiIntel # LIBVA_DRIVER_NAME=i965 (older but works better for Firefox/Chromium)
|
||||
vaapiVdpau
|
||||
libvdpau-va-gl
|
||||
];
|
||||
};
|
||||
};
|
||||
}
|
|
@ -1,20 +0,0 @@
|
|||
{
|
||||
programs.kdeconnect = {
|
||||
enable = true;
|
||||
};
|
||||
|
||||
networking.firewall = {
|
||||
allowedTCPPortRanges = [
|
||||
{
|
||||
from = 1714;
|
||||
to = 1764;
|
||||
}
|
||||
];
|
||||
allowedUDPPortRanges = [
|
||||
{
|
||||
from = 1714;
|
||||
to = 1764;
|
||||
}
|
||||
];
|
||||
};
|
||||
}
|
|
@ -1,22 +0,0 @@
|
|||
{
|
||||
# flake,
|
||||
inputs,
|
||||
# outputs,
|
||||
# lib,
|
||||
# config,
|
||||
# pkgs,
|
||||
# system,
|
||||
# modulesPath,
|
||||
...
|
||||
}: {
|
||||
imports = [inputs.ssbm.nixosModule];
|
||||
|
||||
ssbm = {
|
||||
cache.enable = true;
|
||||
|
||||
gcc = {
|
||||
rules.enable = true;
|
||||
oc-kmod.enable = true;
|
||||
};
|
||||
};
|
||||
}
|
|
@ -1,16 +0,0 @@
|
|||
{...}: {
|
||||
environment.etc = {
|
||||
"pipewire/pipewire.conf.d/92-low-latency.conf".text = ''
|
||||
context.properties = {
|
||||
default.clock.rate = 48000
|
||||
default.clock.quantum = 128
|
||||
default.clock.min-quantum = 128
|
||||
default.clock.max-quantum = 128
|
||||
}
|
||||
|
||||
jack.properties = {
|
||||
node.latency = 128/48000
|
||||
}
|
||||
'';
|
||||
};
|
||||
}
|
|
@ -1,26 +0,0 @@
|
|||
{...}: {
|
||||
services.pipewire = {
|
||||
enable = true;
|
||||
|
||||
wireplumber.enable = true;
|
||||
pulse.enable = true;
|
||||
jack.enable = true;
|
||||
|
||||
alsa = {
|
||||
enable = true;
|
||||
support32Bit = true;
|
||||
};
|
||||
};
|
||||
|
||||
hardware = {
|
||||
pulseaudio = {
|
||||
support32Bit = true;
|
||||
};
|
||||
};
|
||||
|
||||
security = {
|
||||
# I forget why I need these...
|
||||
polkit.enable = true;
|
||||
rtkit.enable = true;
|
||||
};
|
||||
}
|
|
@ -1,5 +0,0 @@
|
|||
{...}: {
|
||||
services.xserver.enable = true;
|
||||
services.xserver.displayManager.sddm.enable = true;
|
||||
services.xserver.desktopManager.plasma5.enable = true;
|
||||
}
|
|
@ -1,23 +0,0 @@
|
|||
{pkgs, ...}: {
|
||||
environment = {
|
||||
systemPackages = with pkgs; [
|
||||
podman-compose
|
||||
];
|
||||
};
|
||||
|
||||
virtualisation = {
|
||||
podman = {
|
||||
enable = true;
|
||||
|
||||
# Create a `docker` alias for podman, to use it as a drop-in replacement
|
||||
dockerCompat = true;
|
||||
|
||||
# Required for containers under podman-compose to be able to talk to each other.
|
||||
defaultNetwork.settings.dns_enabled = true;
|
||||
};
|
||||
|
||||
oci-containers = {
|
||||
backend = "podman";
|
||||
};
|
||||
};
|
||||
}
|
|
@ -1,39 +0,0 @@
|
|||
{pkgs, ...}: {
|
||||
# this is really just for development usage
|
||||
services.postgresql = {
|
||||
enable = true;
|
||||
ensureDatabases = ["daniel"];
|
||||
ensureUsers = [
|
||||
{
|
||||
name = "daniel";
|
||||
ensureDBOwnership = true;
|
||||
}
|
||||
];
|
||||
enableTCPIP = true;
|
||||
|
||||
package = pkgs.postgresql_15;
|
||||
|
||||
authentication = pkgs.lib.mkOverride 10 ''
|
||||
#type database DBuser auth-method
|
||||
local all postgres peer map=superuser_map
|
||||
local all daniel peer map=superuser_map
|
||||
local sameuser all peer map=superuser_map
|
||||
|
||||
# lan ipv4
|
||||
host all all 10.0.0.0/24 trust
|
||||
host all all 127.0.0.1/32 trust
|
||||
|
||||
# tailnet ipv4
|
||||
host all all 100.64.0.0/10 trust
|
||||
'';
|
||||
|
||||
identMap = ''
|
||||
# ArbitraryMapName systemUser DBUser
|
||||
superuser_map root postgres
|
||||
superuser_map postgres postgres
|
||||
superuser_map daniel postgres
|
||||
# Let other names login as themselves
|
||||
superuser_map /^(.*)$ \1
|
||||
'';
|
||||
};
|
||||
}
|
|
@ -1,81 +0,0 @@
|
|||
{pkgs, ...}: {
|
||||
imports = [./pipewire.nix];
|
||||
|
||||
# services.xserver.libinput.enable = true;
|
||||
|
||||
services.gnome.gnome-keyring.enable = true;
|
||||
programs.gnupg.agent = {
|
||||
enable = true;
|
||||
pinentryFlavor = "gnome3";
|
||||
enableSSHSupport = true;
|
||||
};
|
||||
|
||||
programs.sway = {
|
||||
enable = true;
|
||||
wrapperFeatures.gtk = true;
|
||||
};
|
||||
|
||||
xdg.portal = {
|
||||
enable = true;
|
||||
wlr.enable = true;
|
||||
|
||||
extraPortals = with pkgs; [
|
||||
xdg-desktop-portal-wlr
|
||||
];
|
||||
};
|
||||
|
||||
services.dbus.enable = true;
|
||||
|
||||
programs.thunar = {
|
||||
enable = true;
|
||||
plugins = with pkgs.xfce; [thunar-archive-plugin thunar-volman];
|
||||
};
|
||||
|
||||
services.gvfs = {
|
||||
enable = true;
|
||||
};
|
||||
|
||||
environment = {
|
||||
variables = {
|
||||
GTK_THEME = "Catppuccin-Mocha-Compact-Sapphire-Dark";
|
||||
VISUAL = "hx";
|
||||
PAGER = "less";
|
||||
MANPAGER = "less";
|
||||
};
|
||||
|
||||
systemPackages = with pkgs; [
|
||||
brightnessctl
|
||||
feh
|
||||
# gimp
|
||||
grim
|
||||
# inkscape
|
||||
# krita
|
||||
libinput
|
||||
libinput-gestures
|
||||
libnotify
|
||||
# lutris
|
||||
# nil
|
||||
# nixpkgs-fmt
|
||||
noto-fonts
|
||||
pamixer
|
||||
# pavucontrol
|
||||
playerctl
|
||||
# pulseaudio
|
||||
pulsemixer
|
||||
# rclone
|
||||
# restic
|
||||
slurp
|
||||
# steam
|
||||
swaybg
|
||||
swayidle
|
||||
swaylock
|
||||
# vlc
|
||||
# vulkan-tools
|
||||
waybar
|
||||
# weechat
|
||||
# wine
|
||||
wl-clipboard
|
||||
zathura
|
||||
];
|
||||
};
|
||||
}
|
|
@ -1,14 +0,0 @@
|
|||
{pkgs, ...}: {
|
||||
# enable flatpaks
|
||||
services.flatpak.enable = true;
|
||||
|
||||
# enable appimages
|
||||
boot.binfmt.registrations.appimage = {
|
||||
wrapInterpreterInShell = false;
|
||||
interpreter = "${pkgs.appimage-run}/bin/appimage-run";
|
||||
recognitionType = "magic";
|
||||
offset = 0;
|
||||
mask = ''\xff\xff\xff\xff\x00\x00\x00\x00\xff\xff\xff'';
|
||||
magicOrExtension = ''\x7fELF....AI\x02'';
|
||||
};
|
||||
}
|
|
@ -1,9 +0,0 @@
|
|||
{lib, ...}: {
|
||||
networking.networkmanager.enable = lib.mkDefault true;
|
||||
systemd.services.NetworkManager-wait-online.enable = lib.mkDefault false;
|
||||
# TODO: networking.networkmanager.wifi.backend = "iwd"; ?
|
||||
|
||||
# TODO: powersave?
|
||||
|
||||
# TODO: can I pre-configure my usual wifi networks with SSIDs and PSKs loaded from secrets?
|
||||
}
|
18
nixos/base.nix
Normal file
18
nixos/base.nix
Normal file
|
@ -0,0 +1,18 @@
|
|||
{
|
||||
config,
|
||||
outputs,
|
||||
...
|
||||
}: {
|
||||
# a minimal, familiar setup that I can bootstrap atop
|
||||
imports = with outputs.nixosModules; [
|
||||
# may need to be tweaked based on the machine's paritioning scheme
|
||||
outputs.diskoConfigurations.standard
|
||||
desktop-usage
|
||||
wifi
|
||||
];
|
||||
|
||||
networking.hostName = config.home-manager.users.daniel.home.username;
|
||||
|
||||
# TODO: may not work for non-UEFI?
|
||||
boot.loader.systemd-boot.enable = true;
|
||||
}
|
|
@ -1,55 +0,0 @@
|
|||
{
|
||||
flake,
|
||||
inputs,
|
||||
outputs,
|
||||
lib,
|
||||
config,
|
||||
modulesPath,
|
||||
...
|
||||
}: {
|
||||
imports =
|
||||
[
|
||||
(modulesPath + "/installer/scan/not-detected.nix")
|
||||
inputs.disko.nixosModules.disko
|
||||
flake.diskoConfigurations.standard
|
||||
]
|
||||
++ (with outputs.nixosModules; [
|
||||
desktop-usage
|
||||
wifi
|
||||
]);
|
||||
|
||||
nixpkgs = {
|
||||
overlays = [
|
||||
outputs.overlays.additions
|
||||
outputs.overlays.modifications
|
||||
outputs.overlays.unstable-packages
|
||||
];
|
||||
config = {
|
||||
allowUnfree = true;
|
||||
};
|
||||
};
|
||||
|
||||
nix = {
|
||||
registry = lib.mapAttrs (_: value: {flake = value;}) inputs;
|
||||
nixPath = lib.mapAttrsToList (key: value: "${key}=${value.to.path}") config.nix.registry;
|
||||
|
||||
settings = {
|
||||
experimental-features = "nix-command flakes";
|
||||
auto-optimise-store = true;
|
||||
};
|
||||
};
|
||||
|
||||
# not necessarily "base", but all my machines are UEFI so...
|
||||
boot.loader.systemd-boot.enable = true;
|
||||
|
||||
networking = {
|
||||
firewall = {
|
||||
enable = true;
|
||||
allowPing = true;
|
||||
allowedTCPPorts = [22];
|
||||
allowedUDPPorts = [];
|
||||
};
|
||||
};
|
||||
|
||||
system.stateVersion = "23.11";
|
||||
}
|
2032
nixos/beefcake.nix
Normal file
2032
nixos/beefcake.nix
Normal file
File diff suppressed because it is too large
Load diff
|
@ -1,768 +0,0 @@
|
|||
/*
|
||||
if ur fans get loud:
|
||||
|
||||
# enable manual fan control
|
||||
sudo nix run nixpkgs#ipmitool -- raw 0x30 0x30 0x01 0x00
|
||||
|
||||
# set fan speed to last byte as decimal
|
||||
sudo nix run nixpkgs#ipmitool -- raw 0x30 0x30 0x02 0xff 0x00
|
||||
*/
|
||||
{
|
||||
# inputs,
|
||||
outputs,
|
||||
modulesPath,
|
||||
config,
|
||||
pkgs,
|
||||
...
|
||||
}: {
|
||||
imports = [
|
||||
(modulesPath + "/installer/scan/not-detected.nix")
|
||||
outputs.nixosModules.intel
|
||||
# inputs.nix-minecraft.nixosModules.minecraft-servers
|
||||
];
|
||||
|
||||
nixpkgs.overlays = [
|
||||
# inputs.nix-minecraft.overlay
|
||||
];
|
||||
|
||||
boot.initrd.availableKernelModules = ["ehci_pci" "megaraid_sas" "usbhid" "uas" "sd_mod"];
|
||||
boot.kernelModules = ["kvm-intel"];
|
||||
|
||||
fileSystems."/" = {
|
||||
device = "/dev/disk/by-uuid/0747dcba-f590-42e6-89c8-6cb2f9114d64";
|
||||
fsType = "ext4";
|
||||
options = [
|
||||
"usrquota"
|
||||
];
|
||||
};
|
||||
|
||||
fileSystems."/boot" = {
|
||||
device = "/dev/disk/by-uuid/7E3C-9018";
|
||||
fsType = "vfat";
|
||||
};
|
||||
|
||||
fileSystems."/storage" = {
|
||||
device = "/dev/disk/by-uuid/ea8258d7-54d1-430e-93b3-e15d33231063";
|
||||
fsType = "btrfs";
|
||||
options = [
|
||||
"compress=zstd:5"
|
||||
"space_cache=v2"
|
||||
];
|
||||
};
|
||||
|
||||
services.nix-serve = {
|
||||
enable = true;
|
||||
secretKeyFile = "/var/cache-priv-key.pem";
|
||||
};
|
||||
|
||||
services.api-lyte-dev = rec {
|
||||
enable = true;
|
||||
port = 5757;
|
||||
stateDir = "/var/lib/api-lyte-dev";
|
||||
configFile = config.sops.secrets."api.lyte.dev".path;
|
||||
user = "api-lyte-dev";
|
||||
group = user;
|
||||
};
|
||||
|
||||
systemd.services.api-lyte-dev.environment.LOG_LEVEL = "debug";
|
||||
|
||||
sops = {
|
||||
defaultSopsFile = ../../secrets/beefcake/secrets.yml;
|
||||
age = {
|
||||
sshKeyPaths = ["/etc/ssh/ssh_host_ed25519_key"];
|
||||
keyFile = "/var/lib/sops-nix/key.txt";
|
||||
generateKey = true;
|
||||
};
|
||||
secrets = {
|
||||
# example-key = {
|
||||
# # see these and other options' documentation here:
|
||||
# # https://github.com/Mic92/sops-nix#set-secret-permissionowner-and-allow-services-to-access-it
|
||||
|
||||
# # set permissions:
|
||||
# # mode = "0440";
|
||||
# # owner = config.users.users.nobody.name;
|
||||
# # group = config.users.users.nobody.group;
|
||||
|
||||
# # restart service when a secret changes or is newly initialized
|
||||
# # restartUnits = [ "home-assistant.service" ];
|
||||
|
||||
# # symlink to certain directories
|
||||
# path = "/var/lib/my-example-key/secrets.yaml";
|
||||
|
||||
# # for use as a user password
|
||||
# # neededForUsers = true;
|
||||
# };
|
||||
|
||||
# subdirectory
|
||||
# "myservice/my_subdir/my_secret" = { };
|
||||
|
||||
"api.lyte.dev" = {
|
||||
path = "${config.services.api-lyte-dev.stateDir}/secrets.json";
|
||||
# TODO: would be cool to assert that it's correctly-formatted JSON? probably should be done in a pre-commit hook?
|
||||
mode = "0440";
|
||||
owner = config.services.api-lyte-dev.user;
|
||||
group = config.services.api-lyte-dev.group;
|
||||
};
|
||||
|
||||
"jland.env" = {
|
||||
path = "/var/lib/jland/jland.env";
|
||||
# TODO: would be cool to assert that it's correctly-formatted JSON? probably should be done in a pre-commit hook?
|
||||
mode = "0440";
|
||||
owner = config.users.users.jland.name;
|
||||
group = config.users.groups.jland.name;
|
||||
};
|
||||
|
||||
plausible-admin-password = {
|
||||
# TODO: path = "${config.systemd.services.plausible.serviceConfig.WorkingDirectory}/plausible-admin-password.txt";
|
||||
path = "/var/lib/plausible/plausible-admin-password";
|
||||
mode = "0440";
|
||||
owner = config.systemd.services.plausible.serviceConfig.User;
|
||||
group = config.systemd.services.plausible.serviceConfig.Group;
|
||||
};
|
||||
plausible-secret-key-base = {
|
||||
path = "/var/lib/plausible/plausible-secret-key-base";
|
||||
mode = "0440";
|
||||
owner = config.systemd.services.plausible.serviceConfig.User;
|
||||
group = config.systemd.services.plausible.serviceConfig.Group;
|
||||
};
|
||||
nextcloud-admin-password = {
|
||||
path = "/var/lib/nextcloud/admin-password";
|
||||
mode = "0440";
|
||||
# owner = config.services.nextcloud.serviceConfig.User;
|
||||
# group = config.services.nextcloud.serviceConfig.Group;
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
# TODO: non-root processes and services that access secrets need to be part of
|
||||
# the 'keys' group
|
||||
# maybe this will fix plausible?
|
||||
|
||||
# systemd.services.some-service = {
|
||||
# serviceConfig.SupplementaryGroups = [ config.users.groups.keys.name ];
|
||||
# };
|
||||
# or
|
||||
# users.users.example-user.extraGroups = [ config.users.groups.keys.name ];
|
||||
|
||||
# TODO: directory attributes for /storage subdirectories?
|
||||
# example: user daniel should be able to write to /storage/files.lyte.dev and
|
||||
# caddy should be able to serve it
|
||||
|
||||
# TODO: declarative directory quotas? for storage/$USER and /home/$USER
|
||||
|
||||
# TODO: would be nice to get ALL the storage stuff declared in here
|
||||
# should I be using btrfs subvolumes? can I capture file ownership, perimssions, and ACLs?
|
||||
|
||||
boot.loader.systemd-boot.enable = true;
|
||||
boot.loader.efi.canTouchEfiVariables = true;
|
||||
|
||||
systemd.tmpfiles.rules = [
|
||||
"d /var/spool/samba 1777 root root -"
|
||||
];
|
||||
|
||||
networking.hostName = "beefcake";
|
||||
|
||||
users.extraGroups = {
|
||||
"plausible" = {};
|
||||
"nextcloud" = {};
|
||||
"lytedev" = {};
|
||||
};
|
||||
users.groups.daniel.members = ["daniel"];
|
||||
users.groups.nixadmin.members = ["daniel"];
|
||||
|
||||
users.users.daniel = {
|
||||
packages = [pkgs.weechat];
|
||||
extraGroups = [
|
||||
"nixadmin" # write access to /etc/nixos/ files
|
||||
"wheel" # sudo access
|
||||
"caddy" # write access to /storage/files.lyte.dev
|
||||
"users" # general users group
|
||||
"jellyfin" # write access to /storage/jellyfin
|
||||
"jland"
|
||||
];
|
||||
};
|
||||
|
||||
users.users.lytedev = {
|
||||
# for running my services and applications and stuff
|
||||
isNormalUser = true;
|
||||
openssh.authorizedKeys.keys = config.users.users.daniel.openssh.authorizedKeys.keys;
|
||||
group = "lytedev";
|
||||
};
|
||||
|
||||
users.users.ben = {
|
||||
isNormalUser = true;
|
||||
packages = [pkgs.vim];
|
||||
openssh.authorizedKeys.keys = [
|
||||
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKUfLZ+IX85p9355Po2zP1H2tAxiE0rE6IYb8Sf+eF9T ben@benhany.com"
|
||||
];
|
||||
};
|
||||
|
||||
users.users.alan = {
|
||||
isNormalUser = true;
|
||||
packages = [pkgs.vim];
|
||||
openssh.authorizedKeys.keys = [
|
||||
""
|
||||
];
|
||||
};
|
||||
|
||||
users.users.restic = {
|
||||
# used for other machines to backup to
|
||||
isNormalUser = true;
|
||||
openssh.authorizedKeys.keys =
|
||||
[
|
||||
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJbPqzKB09U+i4Kqu136yOjflLZ/J7pYsNulTAd4x903 root@chromebox.h.lyte.dev"
|
||||
]
|
||||
++ config.users.users.daniel.openssh.authorizedKeys.keys;
|
||||
};
|
||||
|
||||
users.users.guest = {
|
||||
# used for anonymous samba access
|
||||
isSystemUser = true;
|
||||
group = "users";
|
||||
createHome = true;
|
||||
};
|
||||
|
||||
users.users.plausible = {
|
||||
# used for anonymous samba access
|
||||
isSystemUser = true;
|
||||
createHome = false;
|
||||
group = "plausible";
|
||||
};
|
||||
|
||||
users.groups.jland = {
|
||||
gid = 982;
|
||||
};
|
||||
users.users.jland = {
|
||||
uid = 986;
|
||||
# used for running the jland minecraft server
|
||||
isSystemUser = true;
|
||||
createHome = false;
|
||||
group = "jland";
|
||||
};
|
||||
|
||||
users.users.nextcloud = {
|
||||
# used for anonymous samba access
|
||||
isSystemUser = true;
|
||||
createHome = false;
|
||||
group = "nextcloud";
|
||||
};
|
||||
|
||||
environment.systemPackages = [pkgs.linuxquota];
|
||||
|
||||
# TODO: make the client declarative? right now I think it's manually git
|
||||
# clone'd to /root
|
||||
systemd.services.deno-netlify-ddns-client = {
|
||||
serviceConfig.Type = "oneshot";
|
||||
path = with pkgs; [curl bash];
|
||||
environment = {
|
||||
NETLIFY_DDNS_RC_FILE = "/root/deno-netlify-ddns-client/.env";
|
||||
};
|
||||
script = ''
|
||||
bash /root/deno-netlify-ddns-client/netlify-ddns-client.sh
|
||||
'';
|
||||
};
|
||||
systemd.timers.deno-netlify-ddns-client = {
|
||||
wantedBy = ["timers.target"];
|
||||
partOf = ["deno-netlify-ddns-client.service"];
|
||||
timerConfig = {
|
||||
OnBootSec = "10sec";
|
||||
OnUnitActiveSec = "5min";
|
||||
Unit = "deno-netlify-ddns-client.service";
|
||||
};
|
||||
};
|
||||
|
||||
services.caddy = {
|
||||
enable = true;
|
||||
email = "daniel@lyte.dev";
|
||||
adapter = "caddyfile";
|
||||
# acmeCA = "https://acme-staging-v02.api.letsencrypt.org/directory";
|
||||
# TODO: there are some hardcoded ports here!
|
||||
# https://github.com/NixOS/nixpkgs/blob/04af42f3b31dba0ef742d254456dc4c14eedac86/nixos/modules/services/misc/lidarr.nix#L72
|
||||
# TODO: customize the files.lyte.dev template?
|
||||
configFile = pkgs.writeText "Caddyfile" ''
|
||||
video.lyte.dev {
|
||||
reverse_proxy :8096
|
||||
}
|
||||
|
||||
# lidarr.h.lyte.dev {
|
||||
# reverse_proxy :8686
|
||||
# }
|
||||
|
||||
# radarr.h.lyte.dev {
|
||||
# reverse_proxy :7878
|
||||
# }
|
||||
|
||||
# sonarr.h.lyte.dev {
|
||||
# reverse_proxy :8989
|
||||
# }
|
||||
|
||||
# bazarr.h.lyte.dev {
|
||||
# reverse_proxy :${toString config.services.bazarr.listenPort}
|
||||
# }
|
||||
|
||||
bw.lyte.dev {
|
||||
reverse_proxy :${toString config.services.vaultwarden.config.ROCKET_PORT}
|
||||
}
|
||||
|
||||
api.lyte.dev {
|
||||
reverse_proxy :${toString config.services.api-lyte-dev.port}
|
||||
}
|
||||
|
||||
a.lyte.dev {
|
||||
reverse_proxy :${toString config.services.plausible.server.port}
|
||||
}
|
||||
|
||||
nextcloud.lyte.dev {
|
||||
reverse_proxy :${toString 9999}
|
||||
}
|
||||
|
||||
git.lyte.dev {
|
||||
reverse_proxy :${toString config.services.gitea.settings.server.HTTP_PORT}
|
||||
}
|
||||
|
||||
files.lyte.dev {
|
||||
file_server browse {
|
||||
# browse template
|
||||
# hide .*
|
||||
root /storage/files.lyte.dev
|
||||
}
|
||||
}
|
||||
|
||||
nix.h.lyte.dev {
|
||||
reverse_proxy :${toString config.services.nix-serve.port}
|
||||
}
|
||||
|
||||
# proxy everything else to chromebox
|
||||
:80 {
|
||||
reverse_proxy 10.0.0.5:80
|
||||
}
|
||||
|
||||
:443 {
|
||||
reverse_proxy 10.0.0.5:443
|
||||
}
|
||||
'';
|
||||
};
|
||||
|
||||
services.vaultwarden = {
|
||||
enable = true;
|
||||
config = {
|
||||
DOMAIN = "https://bw.lyte.dev";
|
||||
SIGNUPS_ALLOWED = "false";
|
||||
ROCKET_ADDRESS = "127.0.0.1";
|
||||
ROCKET_PORT = 8222;
|
||||
};
|
||||
};
|
||||
|
||||
# services.gitea-actions-runner.instances.main = {
|
||||
# # TODO: simple git-based automation would be dope? maybe especially for
|
||||
# # mirroring to github super easy?
|
||||
# enable = false;
|
||||
# };
|
||||
|
||||
services.gitea = {
|
||||
enable = true;
|
||||
appName = "git.lyte.dev";
|
||||
stateDir = "/storage/gitea";
|
||||
settings = {
|
||||
server = {
|
||||
ROOT_URL = "https://git.lyte.dev";
|
||||
HTTP_ADDR = "127.0.0.1";
|
||||
HTTP_PORT = 3088;
|
||||
DOMAIN = "git.lyte.dev";
|
||||
};
|
||||
actions = {
|
||||
ENABLED = true;
|
||||
};
|
||||
service = {
|
||||
DISABLE_REGISTRATION = true;
|
||||
};
|
||||
session = {
|
||||
COOKIE_SECURE = true;
|
||||
};
|
||||
log = {
|
||||
# TODO: raise the log level
|
||||
LEVEL = "Debug";
|
||||
};
|
||||
ui = {
|
||||
THEMES = "catppuccin-mocha-sapphire,gitea,arc-green,auto,pitchblack";
|
||||
DEFAULT_THEME = "catppuccin-mocha-sapphire";
|
||||
};
|
||||
};
|
||||
lfs = {
|
||||
enable = true;
|
||||
};
|
||||
dump = {
|
||||
enable = true;
|
||||
};
|
||||
database = {
|
||||
# TODO: move to postgres?
|
||||
type = "sqlite3";
|
||||
};
|
||||
};
|
||||
|
||||
# TODO: ensure we're not doing the same dumb thing we were doing on the old host and eating storage
|
||||
services.clickhouse.enable = true;
|
||||
|
||||
systemd.services.plausible.serviceConfig.User = "plausible";
|
||||
systemd.services.plausible.serviceConfig.Group = "plausible";
|
||||
|
||||
services.plausible = {
|
||||
# TODO: enable
|
||||
enable = false;
|
||||
database = {
|
||||
clickhouse.setup = true;
|
||||
postgres = {
|
||||
setup = false;
|
||||
dbname = "plausible";
|
||||
};
|
||||
};
|
||||
server = {
|
||||
baseUrl = "http://beefcake.hare-cod.ts.net:8899";
|
||||
disableRegistration = true;
|
||||
port = 8899;
|
||||
secretKeybaseFile = config.sops.secrets.plausible-secret-key-base.path;
|
||||
};
|
||||
adminUser = {
|
||||
activate = false;
|
||||
email = "daniel@lyte.dev";
|
||||
passwordFile = config.sops.secrets.plausible-admin-password.path;
|
||||
};
|
||||
};
|
||||
|
||||
services.postgresql = {
|
||||
enable = true;
|
||||
ensureDatabases = ["daniel" "plausible" "nextcloud"];
|
||||
ensureUsers = [
|
||||
{
|
||||
name = "daniel";
|
||||
ensureDBOwnership = true;
|
||||
}
|
||||
{
|
||||
name = "plausible";
|
||||
ensureDBOwnership = true;
|
||||
}
|
||||
{
|
||||
name = "nextcloud";
|
||||
ensureDBOwnership = true;
|
||||
}
|
||||
];
|
||||
dataDir = "/storage/postgres";
|
||||
enableTCPIP = true;
|
||||
|
||||
package = pkgs.postgresql_15;
|
||||
|
||||
authentication = pkgs.lib.mkOverride 10 ''
|
||||
#type database DBuser auth-method
|
||||
local all postgres peer map=superuser_map
|
||||
local all daniel peer map=superuser_map
|
||||
local sameuser all peer map=superuser_map
|
||||
local plausible plausible peer map=superuser_map
|
||||
local nextcloud nextcloud peer map=superuser_map
|
||||
|
||||
# lan ipv4
|
||||
host all all 10.0.0.0/24 trust
|
||||
|
||||
# tailnet ipv4
|
||||
host all all 100.64.0.0/10 trust
|
||||
'';
|
||||
|
||||
identMap = ''
|
||||
# ArbitraryMapName systemUser DBUser
|
||||
superuser_map root postgres
|
||||
superuser_map postgres postgres
|
||||
superuser_map daniel postgres
|
||||
# Let other names login as themselves
|
||||
superuser_map /^(.*)$ \1
|
||||
'';
|
||||
};
|
||||
|
||||
services.postgresqlBackup = {
|
||||
enable = true;
|
||||
backupAll = true;
|
||||
compression = "none"; # hoping for deduplication here?
|
||||
location = "/storage/postgres-backups";
|
||||
startAt = "*-*-* 03:00:00";
|
||||
};
|
||||
|
||||
services.tailscale = {
|
||||
useRoutingFeatures = "server";
|
||||
};
|
||||
|
||||
services.jellyfin = {
|
||||
enable = true;
|
||||
openFirewall = false;
|
||||
# uses port 8096 by default, configurable from admin UI
|
||||
};
|
||||
|
||||
# NOTE: this server's xeon chips DO NOT seem to support quicksync or graphics in general
|
||||
# but I can probably throw in a crappy GPU (or a big, cheap ebay GPU for ML
|
||||
# stuff, too?) and get good transcoding performance
|
||||
|
||||
# jellyfin hardware encoding
|
||||
# hardware.opengl = {
|
||||
# enable = true;
|
||||
# extraPackages = with pkgs; [
|
||||
# intel-media-driver
|
||||
# vaapiIntel
|
||||
# vaapiVdpau
|
||||
# libvdpau-va-gl
|
||||
# intel-compute-runtime
|
||||
# ];
|
||||
# };
|
||||
# nixpkgs.config.packageOverrides = pkgs: {
|
||||
# vaapiIntel = pkgs.vaapiIntel.override { enableHybridCodec = true; };
|
||||
# };
|
||||
|
||||
services.openssh = {
|
||||
listenAddresses = [
|
||||
{
|
||||
addr = "0.0.0.0";
|
||||
port = 64022;
|
||||
}
|
||||
{
|
||||
addr = "0.0.0.0";
|
||||
port = 22;
|
||||
}
|
||||
];
|
||||
};
|
||||
|
||||
# services.lidarr = {
|
||||
# enable = true;
|
||||
# dataDir = "/storage/lidarr";
|
||||
# };
|
||||
|
||||
# services.radarr = {
|
||||
# enable = true;
|
||||
# dataDir = "/storage/radarr";
|
||||
# };
|
||||
|
||||
# services.sonarr = {
|
||||
# enable = true;
|
||||
# dataDir = "/storage/sonarr";
|
||||
# };
|
||||
|
||||
# services.bazarr = {
|
||||
# enable = true;
|
||||
# listenPort = 6767;
|
||||
# };
|
||||
|
||||
services.samba-wsdd.enable = true;
|
||||
|
||||
services.samba = {
|
||||
enable = true;
|
||||
openFirewall = true;
|
||||
securityType = "user";
|
||||
package = pkgs.sambaFull;
|
||||
|
||||
extraConfig = ''
|
||||
workgroup = WORKGROUP
|
||||
server string = beefcake
|
||||
netbios name = beefcake
|
||||
security = user
|
||||
#use sendfile = yes
|
||||
#max protocol = smb2
|
||||
# note: localhost is the ipv6 localhost ::1
|
||||
hosts allow = 192.168.0.0/16 127.0.0.1 localhost
|
||||
hosts deny = 0.0.0.0/0
|
||||
guest account = nobody
|
||||
map to guest = bad user
|
||||
load printers = yes
|
||||
printing = cups
|
||||
printcap name = cups
|
||||
'';
|
||||
shares = {
|
||||
libre = {
|
||||
path = "/storage/libre";
|
||||
browseable = "yes";
|
||||
"read only" = "no";
|
||||
"guest ok" = "yes";
|
||||
"create mask" = "0666";
|
||||
"directory mask" = "0777";
|
||||
"force user" = "nobody";
|
||||
"force group" = "users";
|
||||
};
|
||||
public = {
|
||||
path = "/storage/public";
|
||||
browseable = "yes";
|
||||
"read only" = "no";
|
||||
"guest ok" = "yes";
|
||||
"create mask" = "0664";
|
||||
"directory mask" = "0775";
|
||||
"force user" = "nobody";
|
||||
"force group" = "users";
|
||||
};
|
||||
family = {
|
||||
path = "/storage/family";
|
||||
browseable = "yes";
|
||||
"read only" = "no";
|
||||
"guest ok" = "no";
|
||||
"create mask" = "0664";
|
||||
"directory mask" = "0775";
|
||||
"force user" = "nobody";
|
||||
"force group" = "family";
|
||||
};
|
||||
daniel = {
|
||||
path = "/storage/daniel";
|
||||
browseable = "yes";
|
||||
"read only" = "no";
|
||||
"guest ok" = "no";
|
||||
"create mask" = "0640";
|
||||
"directory mask" = "0750";
|
||||
"force user" = "daniel";
|
||||
"force group" = "users";
|
||||
};
|
||||
printers = {
|
||||
comment = "All Printers";
|
||||
path = "/var/spool/samba";
|
||||
public = "yes";
|
||||
browseable = "yes";
|
||||
# to allow user 'guest account' to print.
|
||||
"guest ok" = "yes";
|
||||
writable = "no";
|
||||
printable = "yes";
|
||||
"create mode" = 0700;
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
# paths:
|
||||
# TODO: move previous backups over and put here
|
||||
# clickhouse and plausible analytics once they're up and running?
|
||||
|
||||
services.restic.backups = let
|
||||
defaults = {
|
||||
passwordFile = "/root/restic-localbackup-password";
|
||||
paths = [
|
||||
"/storage/files.lyte.dev"
|
||||
"/storage/daniel"
|
||||
"/storage/gitea" # TODO: should maybe use configuration.nix's services.gitea.dump ?
|
||||
"/storage/postgres-backups"
|
||||
|
||||
# https://github.com/dani-garcia/vaultwarden/wiki/Backing-up-your-vault
|
||||
# specifically, https://github.com/dani-garcia/vaultwarden/wiki/Backing-up-your-vault#sqlite-database-files
|
||||
"/var/lib/bitwarden_rs" # does this need any sqlite preprocessing?
|
||||
|
||||
# TODO: backup *arr configs?
|
||||
];
|
||||
initialize = true;
|
||||
exclude = [];
|
||||
timerConfig = {
|
||||
OnCalendar = "04:45";
|
||||
};
|
||||
};
|
||||
in {
|
||||
local =
|
||||
defaults
|
||||
// {
|
||||
repository = "/storage/backups/local";
|
||||
};
|
||||
rascal =
|
||||
defaults
|
||||
// {
|
||||
extraOptions = [
|
||||
"sftp.command='ssh beefcake@rascal -i /root/.ssh/id_ed25519 -s sftp'"
|
||||
];
|
||||
repository = "sftp://beefcake@rascal://storage/backups/beefcake";
|
||||
};
|
||||
# TODO: add ruby?
|
||||
benland =
|
||||
defaults
|
||||
// {
|
||||
extraOptions = [
|
||||
"sftp.command='ssh daniel@n.benhaney.com -p 10022 -i /root/.ssh/id_ed25519 -s sftp'"
|
||||
];
|
||||
repository = "sftp://daniel@n.benhaney.com://storage/backups/beefcake";
|
||||
};
|
||||
};
|
||||
|
||||
# services.minecraft-servers.servers.jland = {
|
||||
# enable = true;
|
||||
# package = pkgs.fabricServers.fabric-1_19_2.override {loaderVersion = "0.14.9";};
|
||||
# # Monumental Experience, modpack version 2.2.53, minecraft version 1.19.2
|
||||
# # https://www.curseforge.com/minecraft/modpacks/monumental-experience/files/4826863
|
||||
# # $ nix run nixpkgs#packwiz curseforge import Monumental+Experience-2.2.53.zip
|
||||
# };
|
||||
|
||||
virtualisation.oci-containers.backend = "podman";
|
||||
virtualisation.oci-containers.containers = {
|
||||
minecraft-jland = {
|
||||
# sending commands: https://docker-minecraft-server.readthedocs.io/en/latest/commands/
|
||||
image = "docker.io/itzg/minecraft-server";
|
||||
user = "${toString config.users.users.jland.uid}:${toString config.users.groups.jland.gid}";
|
||||
extraOptions = [
|
||||
"--tty"
|
||||
"--interactive"
|
||||
];
|
||||
environment = {
|
||||
EULA = "true";
|
||||
UID = toString config.users.users.jland.uid;
|
||||
GID = toString config.users.groups.jland.gid;
|
||||
STOP_SERVER_ANNOUNCE_DELAY = "20";
|
||||
TZ = "America/Chicago";
|
||||
VERSION = "1.20.1";
|
||||
MEMORY = "8G";
|
||||
MAX_MEMORY = "16G";
|
||||
TYPE = "FORGE";
|
||||
FORGE_VERSION = "47.1.3";
|
||||
ALLOW_FLIGHT = "true";
|
||||
ENABLE_QUERY = "true";
|
||||
|
||||
MODPACK = "/data/origination-files/Server-Files-0.2.14.zip";
|
||||
|
||||
# TYPE = "AUTO_CURSEFORGE";
|
||||
# CF_SLUG = "monumental-experience";
|
||||
# CF_FILE_ID = "4826863"; # 2.2.53
|
||||
|
||||
# due to
|
||||
# Nov 02 13:45:22 beefcake minecraft-jland[2738672]: me.itzg.helpers.errors.GenericException: The modpack authors have indicated this file is not allowed for project distribution. Please download the client zip file from https://www.curseforge.com/minecraft/modpacks/monumental-experience and pass via CF_MODPACK_ZIP environment variable or place indownloads repo directory.
|
||||
# we must upload manually
|
||||
# CF_MODPACK_ZIP = "/data/origination-files/Monumental+Experience-2.2.53.zip";
|
||||
|
||||
# ENABLE_AUTOPAUSE = "true"; # TODO: must increate or disable max-tick-time
|
||||
# May also have mod/loader incompatibilities?
|
||||
# https://docker-minecraft-server.readthedocs.io/en/latest/misc/autopause-autostop/autopause/
|
||||
};
|
||||
environmentFiles = [
|
||||
config.sops.secrets."jland.env".path
|
||||
];
|
||||
ports = ["26965:25565"];
|
||||
volumes = [
|
||||
"/storage/jland/data:/data"
|
||||
"/storage/jland/worlds:/worlds"
|
||||
];
|
||||
};
|
||||
};
|
||||
|
||||
networking.firewall.allowedTCPPorts = [
|
||||
80 # http (caddy)
|
||||
443 # https (caddy)
|
||||
# 5357 # ???
|
||||
22 # ssh
|
||||
6667 # soju irc bouncer
|
||||
64022 # ssh (for ben?)
|
||||
];
|
||||
networking.firewall.allowedUDPPorts = [
|
||||
# 53 # DNS
|
||||
# 3702 # ???
|
||||
64020 # mosh (for ben?)
|
||||
];
|
||||
networking.firewall.allowedUDPPortRanges = [
|
||||
{
|
||||
# mosh
|
||||
from = 60000;
|
||||
to = 60010;
|
||||
}
|
||||
];
|
||||
|
||||
networking.firewall = {
|
||||
enable = true;
|
||||
allowPing = true;
|
||||
};
|
||||
|
||||
services.soju = {
|
||||
enable = true;
|
||||
listen = ["irc+insecure://:6667"];
|
||||
};
|
||||
|
||||
system.stateVersion = "22.05";
|
||||
}
|
137
nixos/bigtower.nix
Normal file
137
nixos/bigtower.nix
Normal file
|
@ -0,0 +1,137 @@
|
|||
{
|
||||
pkgs,
|
||||
lib,
|
||||
config,
|
||||
...
|
||||
}: {
|
||||
imports = [
|
||||
{
|
||||
system.stateVersion = "24.05";
|
||||
home-manager.users.daniel.home.stateVersion = "24.05";
|
||||
networking.hostName = "bigtower";
|
||||
}
|
||||
];
|
||||
hardware.graphics.extraPackages = [
|
||||
# pkgs.rocmPackages.clr.icd
|
||||
pkgs.amdvlk
|
||||
|
||||
# encoding/decoding acceleration
|
||||
pkgs.libvdpau-va-gl
|
||||
pkgs.vaapiVdpau
|
||||
];
|
||||
|
||||
boot = {
|
||||
# kernelPackages = pkgs.linuxPackages_zen;
|
||||
loader.efi.canTouchEfiVariables = true;
|
||||
loader.systemd-boot.enable = true;
|
||||
initrd.availableKernelModules = ["xhci_pci" "nvme" "ahci" "usbhid"];
|
||||
kernelModules = ["kvm-amd"];
|
||||
supportedFilesystems = ["ntfs"];
|
||||
};
|
||||
|
||||
hardware.bluetooth = {
|
||||
enable = true;
|
||||
# package = pkgs.bluez;
|
||||
settings = {
|
||||
General = {
|
||||
AutoConnect = true;
|
||||
MultiProfile = "multiple";
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
/*
|
||||
networking = {
|
||||
firewall = let
|
||||
terraria = 7777;
|
||||
stardew-valley = 24642;
|
||||
web-dev-lan = 18888;
|
||||
ports = [
|
||||
terraria
|
||||
stardew-valley
|
||||
web-dev-lan
|
||||
];
|
||||
in {
|
||||
allowedTCPPorts = ports;
|
||||
allowedUDPPorts = ports;
|
||||
};
|
||||
};
|
||||
*/
|
||||
|
||||
environment.systemPackages = with pkgs; [
|
||||
radeontop
|
||||
# godot_4
|
||||
prismlauncher
|
||||
];
|
||||
|
||||
home-manager.users.daniel = {
|
||||
/*
|
||||
slippi-launcher = {
|
||||
enable = true;
|
||||
# isoPath = "${config.home-manager.users.daniel.home.homeDirectory}/../games/roms/dolphin/melee.iso";
|
||||
launchMeleeOnPlay = false;
|
||||
};
|
||||
*/
|
||||
|
||||
# TODO: monitor config module?
|
||||
/*
|
||||
wayland.windowManager.hyprland = {
|
||||
settings = {
|
||||
env = [
|
||||
"EWW_BAR_MON,1"
|
||||
];
|
||||
# See https://wiki.hyprland.org/Configuring/Keywords/ for more
|
||||
monitor = [
|
||||
# "DP-2,3840x2160@60,-2160x0,1,transform,3"
|
||||
"DP-3,3840x2160@120,${toString (builtins.ceil (2160 / 1.5))}x0,1"
|
||||
## HDR breaks screenshare? "DP-3,3840x2160@120,${toString (builtins.ceil (2160 / 1.5))}x0,1,bitdepth,10"
|
||||
## "desc:LG Display 0x0521,3840x2160@120,0x0,1"
|
||||
## "desc:Dell Inc. DELL U2720Q D3TM623,3840x2160@60,3840x0,1.5,transform,1"
|
||||
"DP-2,3840x2160@60,0x0,1.5,transform,1"
|
||||
];
|
||||
input = {
|
||||
force_no_accel = true;
|
||||
sensitivity = 1; # -1.0 - 1.0, 0 means no modification.
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
wayland.windowManager.sway = {
|
||||
config = {
|
||||
output = {
|
||||
"GIGA-BYTE TECHNOLOGY CO., LTD. AORUS FO48U 23070B000307" = {
|
||||
mode = "3840x2160@120Hz";
|
||||
position = "${toString (builtins.ceil (2160 / 1.5))},0";
|
||||
};
|
||||
|
||||
"Dell Inc. DELL U2720Q D3TM623" = {
|
||||
# desktop left vertical monitor
|
||||
mode = "3840x2160@60Hz";
|
||||
transform = "90";
|
||||
scale = "1.5";
|
||||
position = "0,0";
|
||||
};
|
||||
};
|
||||
|
||||
workspaceOutputAssign =
|
||||
(
|
||||
map
|
||||
(ws: {
|
||||
output = "GIGA-BYTE TECHNOLOGY CO., LTD. AORUS FO48U 23070B000307";
|
||||
workspace = toString ws;
|
||||
})
|
||||
(lib.range 1 7)
|
||||
)
|
||||
++ (
|
||||
map
|
||||
(ws: {
|
||||
output = "Dell Inc. DELL U2720Q D3TM623";
|
||||
workspace = toString ws;
|
||||
})
|
||||
(lib.range 8 9)
|
||||
);
|
||||
};
|
||||
};
|
||||
*/
|
||||
};
|
||||
}
|
176
nixos/dragon.nix
Normal file
176
nixos/dragon.nix
Normal file
|
@ -0,0 +1,176 @@
|
|||
{
|
||||
pkgs,
|
||||
lib,
|
||||
config,
|
||||
...
|
||||
}: {
|
||||
imports = [
|
||||
{
|
||||
system.stateVersion = "24.11";
|
||||
home-manager.users.daniel.home.stateVersion = "24.05";
|
||||
networking.hostName = "dragon";
|
||||
}
|
||||
|
||||
{
|
||||
# sops secrets config
|
||||
sops = {
|
||||
defaultSopsFile = ../secrets/dragon/secrets.yml;
|
||||
age = {
|
||||
sshKeyPaths = ["/etc/ssh/ssh_host_ed25519_key"];
|
||||
keyFile = "/var/lib/sops-nix/key.txt";
|
||||
generateKey = true;
|
||||
};
|
||||
};
|
||||
}
|
||||
{
|
||||
sops.secrets = {
|
||||
ddns-pass = {mode = "0400";};
|
||||
};
|
||||
services.deno-netlify-ddns-client = {
|
||||
passwordFile = config.sops.secrets.ddns-pass.path;
|
||||
};
|
||||
}
|
||||
];
|
||||
hardware.amdgpu = {
|
||||
amdvlk = {
|
||||
enable = true;
|
||||
support32Bit = {
|
||||
enable = true;
|
||||
};
|
||||
};
|
||||
};
|
||||
hardware.graphics.extraPackages = [
|
||||
# pkgs.rocmPackages.clr.icd
|
||||
pkgs.amdvlk
|
||||
|
||||
# encoding/decoding acceleration
|
||||
pkgs.libvdpau-va-gl
|
||||
pkgs.vaapiVdpau
|
||||
];
|
||||
|
||||
boot = {
|
||||
kernelPackages = pkgs.linuxPackages_latest;
|
||||
loader.efi.canTouchEfiVariables = true;
|
||||
loader.systemd-boot.enable = true;
|
||||
initrd.availableKernelModules = ["xhci_pci" "nvme" "ahci" "usbhid"];
|
||||
kernelModules = ["kvm-amd"];
|
||||
supportedFilesystems = ["ntfs"];
|
||||
};
|
||||
|
||||
hardware.bluetooth = {
|
||||
enable = true;
|
||||
# package = pkgs.bluez;
|
||||
settings = {
|
||||
General = {
|
||||
AutoConnect = true;
|
||||
MultiProfile = "multiple";
|
||||
};
|
||||
};
|
||||
};
|
||||
powerManagement.cpuFreqGovernor = lib.mkDefault "performance";
|
||||
|
||||
# dragon firewall
|
||||
# TODO: maybe should go in the gaming module?
|
||||
networking = {
|
||||
firewall = let
|
||||
terraria = 7777;
|
||||
stardew-valley = 24642;
|
||||
web-dev-lan = 18888;
|
||||
ports = [
|
||||
terraria
|
||||
stardew-valley
|
||||
web-dev-lan
|
||||
];
|
||||
in {
|
||||
allowedTCPPorts = ports;
|
||||
allowedUDPPorts = ports;
|
||||
};
|
||||
};
|
||||
|
||||
environment.systemPackages = with pkgs; [
|
||||
radeontop
|
||||
godot_4
|
||||
prismlauncher
|
||||
];
|
||||
|
||||
home-manager.users.daniel = {
|
||||
slippi-launcher = {
|
||||
enable = true;
|
||||
isoPath = "${config.home-manager.users.daniel.home.homeDirectory}/../games/roms/dolphin/melee.iso";
|
||||
launchMeleeOnPlay = false;
|
||||
};
|
||||
|
||||
# TODO: monitor config module?
|
||||
wayland.windowManager.hyprland = {
|
||||
settings = {
|
||||
exec-once = [
|
||||
"eww open bar1"
|
||||
];
|
||||
# See https://wiki.hyprland.org/Configuring/Keywords/ for more
|
||||
monitor = [
|
||||
# "DP-2,3840x2160@60,-2160x0,1,transform,3"
|
||||
"DP-3,3840x2160@120,${toString (builtins.ceil (2160 / 1.5))}x0,1"
|
||||
# TODO: HDR breaks screenshare?
|
||||
/*
|
||||
"DP-3,3840x2160@120,${toString (builtins.ceil (2160 / 1.5))}x0,1,bitdepth,10"
|
||||
"desc:LG Display 0x0521,3840x2160@120,0x0,1"
|
||||
"desc:Dell Inc. DELL U2720Q D3TM623,3840x2160@60,3840x0,1.5,transform,1"
|
||||
*/
|
||||
"DP-1,3840x2160@60,0x0,1.5,transform,1"
|
||||
];
|
||||
input = {
|
||||
force_no_accel = true;
|
||||
sensitivity = 1; # -1.0 - 1.0, 0 means no modification.
|
||||
};
|
||||
workspace = [
|
||||
"1, monitor:DP-3, default:true"
|
||||
"2, monitor:DP-3, default:false"
|
||||
"3, monitor:DP-3, default:false"
|
||||
"4, monitor:DP-3, default:false"
|
||||
"5, monitor:DP-3, default:false"
|
||||
"6, monitor:DP-3, default:false"
|
||||
"7, monitor:DP-3, default:false"
|
||||
"8, monitor:DP-1, default:true"
|
||||
"9, monitor:DP-1, default:false"
|
||||
];
|
||||
};
|
||||
};
|
||||
|
||||
wayland.windowManager.sway = {
|
||||
config = {
|
||||
output = {
|
||||
"GIGA-BYTE TECHNOLOGY CO., LTD. AORUS FO48U 23070B000307" = {
|
||||
mode = "3840x2160@120Hz";
|
||||
position = "${toString (builtins.ceil (2160 / 1.5))},0";
|
||||
};
|
||||
|
||||
"Dell Inc. DELL U2720Q D3TM623" = {
|
||||
# desktop left vertical monitor
|
||||
mode = "3840x2160@60Hz";
|
||||
transform = "270";
|
||||
scale = "1.5";
|
||||
position = "0,0";
|
||||
};
|
||||
};
|
||||
|
||||
workspaceOutputAssign =
|
||||
(
|
||||
map
|
||||
(ws: {
|
||||
output = "GIGA-BYTE TECHNOLOGY CO., LTD. AORUS FO48U 23070B000307";
|
||||
workspace = toString ws;
|
||||
})
|
||||
(lib.range 1 7)
|
||||
)
|
||||
++ (
|
||||
map
|
||||
(ws: {
|
||||
output = "Dell Inc. DELL U2720Q D3TM623";
|
||||
workspace = toString ws;
|
||||
})
|
||||
(lib.range 8 9)
|
||||
);
|
||||
};
|
||||
};
|
||||
};
|
||||
}
|
|
@ -1,120 +0,0 @@
|
|||
{
|
||||
flake,
|
||||
inputs,
|
||||
outputs,
|
||||
lib,
|
||||
config,
|
||||
pkgs,
|
||||
modulesPath,
|
||||
...
|
||||
}: {
|
||||
networking.hostName = "dragon";
|
||||
|
||||
boot.supportedFilesystems = ["ntfs"];
|
||||
|
||||
imports =
|
||||
[
|
||||
(modulesPath + "/installer/scan/not-detected.nix")
|
||||
inputs.disko.nixosModules.disko
|
||||
flake.diskoConfigurations.standard
|
||||
inputs.hardware.nixosModules.common-cpu-amd
|
||||
inputs.hardware.nixosModules.common-pc-ssd
|
||||
outputs.nixosModules.pipewire-low-latency
|
||||
]
|
||||
++ (with outputs.nixosModules; [
|
||||
melee
|
||||
desktop-usage
|
||||
podman
|
||||
postgres
|
||||
wifi
|
||||
hyprland
|
||||
ewwbar
|
||||
])
|
||||
++ [
|
||||
# Or modules from other flakes (such as nixos-hardware):
|
||||
# inputs.hardware.nixosModules.common-cpu-amd
|
||||
# inputs.hardware.nixosModules.common-ssd
|
||||
|
||||
# You can also split up your configuration and import pieces of it here:
|
||||
# ./users.nix
|
||||
];
|
||||
|
||||
# TODO: https://nixos.wiki/wiki/Remote_LUKS_Unlocking
|
||||
|
||||
nixpkgs = {
|
||||
# You can add overlays here
|
||||
overlays = [
|
||||
# Add overlays your own flake exports (from overlays and pkgs dir):
|
||||
outputs.overlays.additions
|
||||
outputs.overlays.modifications
|
||||
outputs.overlays.unstable-packages
|
||||
|
||||
# You can also add overlays exported from other flakes:
|
||||
# neovim-nightly-overlay.overlays.default
|
||||
|
||||
# Or define it inline, for example:
|
||||
# (final: prev: {
|
||||
# hi = final.hello.overrideAttrs (oldAttrs: {
|
||||
# patches = [ ./change-hello-to-hi.patch ];
|
||||
# });
|
||||
# })
|
||||
];
|
||||
# Configure your nixpkgs instance
|
||||
config = {
|
||||
# Disable if you don't want unfree packages
|
||||
allowUnfree = true;
|
||||
};
|
||||
};
|
||||
|
||||
nix = {
|
||||
# This will add each flake input as a registry
|
||||
# To make nix3 commands consistent with your flake
|
||||
registry = lib.mapAttrs (_: value: {flake = value;}) inputs;
|
||||
|
||||
# This will additionally add your inputs to the system's legacy channels
|
||||
# Making legacy nix commands consistent as well, awesome!
|
||||
nixPath = lib.mapAttrsToList (key: value: "${key}=${value.to.path}") config.nix.registry;
|
||||
|
||||
settings = {
|
||||
# Enable flakes and new 'nix' command
|
||||
experimental-features = "nix-command flakes";
|
||||
# Deduplicate and optimize nix store
|
||||
auto-optimise-store = true;
|
||||
};
|
||||
};
|
||||
|
||||
# hardware
|
||||
boot.loader.efi.canTouchEfiVariables = true;
|
||||
boot.loader.systemd-boot.enable = true;
|
||||
boot.initrd.availableKernelModules = ["xhci_pci" "nvme" "ahci"];
|
||||
boot.kernelModules = ["kvm-amd"];
|
||||
|
||||
hardware.bluetooth.enable = true;
|
||||
powerManagement.cpuFreqGovernor = lib.mkDefault "performance";
|
||||
services.printing.enable = true;
|
||||
|
||||
environment = {
|
||||
systemPackages = with pkgs; [
|
||||
radeontop
|
||||
];
|
||||
};
|
||||
|
||||
networking = {
|
||||
firewall = {
|
||||
enable = true;
|
||||
allowPing = true;
|
||||
allowedTCPPorts = [22 7777];
|
||||
allowedUDPPorts = [];
|
||||
};
|
||||
};
|
||||
|
||||
services.udev.packages = [
|
||||
pkgs.platformio
|
||||
pkgs.openocd
|
||||
];
|
||||
programs.adb.enable = true;
|
||||
users.users.daniel.extraGroups = ["adbusers"];
|
||||
|
||||
# https://nixos.wiki/wiki/FAQ/When_do_I_update_stateVersion
|
||||
system.stateVersion = "23.11";
|
||||
}
|
14
nixos/factorio-versions.json
Normal file
14
nixos/factorio-versions.json
Normal file
|
@ -0,0 +1,14 @@
|
|||
{
|
||||
"x86_64-linux": {
|
||||
"headless": {
|
||||
"stable": {
|
||||
"name": "factorio_headless_x64-2.0.15.tar.xz",
|
||||
"needsAuth": false,
|
||||
"sha256": "cLRBy4B4EaYFhsARBySMHY164EO9HyNnX8kk+6qlONg=",
|
||||
"tarDirectory": "x64",
|
||||
"url": "https://factorio.com/get-download/2.0.15/headless/linux64",
|
||||
"version": "2.0.15"
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
500
nixos/foxtrot.nix
Normal file
500
nixos/foxtrot.nix
Normal file
|
@ -0,0 +1,500 @@
|
|||
{pkgs, ...}:
|
||||
/*
|
||||
## source: https://community.frame.work/t/speakers-sound-quality/1078/82
|
||||
let
|
||||
pipewire-speakers-profile-json = ''{
|
||||
"output": {
|
||||
"blocklist": [],
|
||||
"equalizer": {
|
||||
"balance": 0.0,
|
||||
"bypass": false,
|
||||
"input-gain": 0.0,
|
||||
"left": {
|
||||
"band0": {
|
||||
"frequency": 100.0,
|
||||
"gain": 0.0,
|
||||
"mode": "RLC (BT)",
|
||||
"mute": false,
|
||||
"q": 1.0,
|
||||
"slope": "x4",
|
||||
"solo": false,
|
||||
"type": "Hi-pass"
|
||||
},
|
||||
"band1": {
|
||||
"frequency": 150.0,
|
||||
"gain": 4.02,
|
||||
"mode": "RLC (BT)",
|
||||
"mute": false,
|
||||
"q": 3.0,
|
||||
"slope": "x1",
|
||||
"solo": false,
|
||||
"type": "Bell"
|
||||
},
|
||||
"band2": {
|
||||
"frequency": 600.0,
|
||||
"gain": -5.07,
|
||||
"mode": "RLC (BT)",
|
||||
"mute": false,
|
||||
"q": 4.000000000000008,
|
||||
"slope": "x1",
|
||||
"solo": false,
|
||||
"type": "Bell"
|
||||
},
|
||||
"band3": {
|
||||
"frequency": 1200.0,
|
||||
"gain": -3.49,
|
||||
"mode": "RLC (BT)",
|
||||
"mute": false,
|
||||
"q": 4.17,
|
||||
"slope": "x1",
|
||||
"solo": false,
|
||||
"type": "Bell"
|
||||
},
|
||||
"band4": {
|
||||
"frequency": 2000.0,
|
||||
"gain": 1.43,
|
||||
"mode": "RLC (BT)",
|
||||
"mute": false,
|
||||
"q": 4.0,
|
||||
"slope": "x1",
|
||||
"solo": false,
|
||||
"type": "Bell"
|
||||
},
|
||||
"band5": {
|
||||
"frequency": 5300.0,
|
||||
"gain": 3.84,
|
||||
"mode": "RLC (BT)",
|
||||
"mute": false,
|
||||
"q": 2.64,
|
||||
"slope": "x1",
|
||||
"solo": false,
|
||||
"type": "Bell"
|
||||
},
|
||||
"band6": {
|
||||
"frequency": 6000.0,
|
||||
"gain": 4.02,
|
||||
"mode": "RLC (BT)",
|
||||
"mute": false,
|
||||
"q": 4.36,
|
||||
"slope": "x1",
|
||||
"solo": false,
|
||||
"type": "Hi-shelf"
|
||||
},
|
||||
"band7": {
|
||||
"frequency": 7500.0,
|
||||
"gain": -2.09,
|
||||
"mode": "RLC (BT)",
|
||||
"mute": false,
|
||||
"q": 3.0,
|
||||
"slope": "x1",
|
||||
"solo": false,
|
||||
"type": "Bell"
|
||||
},
|
||||
"band8": {
|
||||
"frequency": 8000.0,
|
||||
"gain": 2.01,
|
||||
"mode": "RLC (BT)",
|
||||
"mute": false,
|
||||
"q": 4.36,
|
||||
"slope": "x1",
|
||||
"solo": false,
|
||||
"type": "Bell"
|
||||
},
|
||||
"band9": {
|
||||
"frequency": 900.0,
|
||||
"gain": -4.12,
|
||||
"mode": "RLC (BT)",
|
||||
"mute": false,
|
||||
"q": 5.909999999999967,
|
||||
"slope": "x1",
|
||||
"solo": false,
|
||||
"type": "Bell"
|
||||
}
|
||||
},
|
||||
"mode": "IIR",
|
||||
"num-bands": 10,
|
||||
"output-gain": -1.5,
|
||||
"pitch-left": 0.0,
|
||||
"pitch-right": 0.0,
|
||||
"right": {
|
||||
"band0": {
|
||||
"frequency": 100.0,
|
||||
"gain": 0.0,
|
||||
"mode": "RLC (BT)",
|
||||
"mute": false,
|
||||
"q": 1.0,
|
||||
"slope": "x4",
|
||||
"solo": false,
|
||||
"type": "Hi-pass"
|
||||
},
|
||||
"band1": {
|
||||
"frequency": 150.0,
|
||||
"gain": 4.02,
|
||||
"mode": "RLC (BT)",
|
||||
"mute": false,
|
||||
"q": 3.0,
|
||||
"slope": "x1",
|
||||
"solo": false,
|
||||
"type": "Bell"
|
||||
},
|
||||
"band2": {
|
||||
"frequency": 600.0,
|
||||
"gain": -5.07,
|
||||
"mode": "RLC (BT)",
|
||||
"mute": false,
|
||||
"q": 4.000000000000008,
|
||||
"slope": "x1",
|
||||
"solo": false,
|
||||
"type": "Bell"
|
||||
},
|
||||
"band3": {
|
||||
"frequency": 1200.0,
|
||||
"gain": -3.49,
|
||||
"mode": "RLC (BT)",
|
||||
"mute": false,
|
||||
"q": 4.17,
|
||||
"slope": "x1",
|
||||
"solo": false,
|
||||
"type": "Bell"
|
||||
},
|
||||
"band4": {
|
||||
"frequency": 2000.0,
|
||||
"gain": 1.43,
|
||||
"mode": "RLC (BT)",
|
||||
"mute": false,
|
||||
"q": 4.0,
|
||||
"slope": "x1",
|
||||
"solo": false,
|
||||
"type": "Bell"
|
||||
},
|
||||
"band5": {
|
||||
"frequency": 5300.0,
|
||||
"gain": 3.84,
|
||||
"mode": "RLC (BT)",
|
||||
"mute": false,
|
||||
"q": 2.64,
|
||||
"slope": "x1",
|
||||
"solo": false,
|
||||
"type": "Bell"
|
||||
},
|
||||
"band6": {
|
||||
"frequency": 6000.0,
|
||||
"gain": 4.02,
|
||||
"mode": "RLC (BT)",
|
||||
"mute": false,
|
||||
"q": 4.36,
|
||||
"slope": "x1",
|
||||
"solo": false,
|
||||
"type": "Hi-shelf"
|
||||
},
|
||||
"band7": {
|
||||
"frequency": 7500.0,
|
||||
"gain": -2.09,
|
||||
"mode": "RLC (BT)",
|
||||
"mute": false,
|
||||
"q": 3.0,
|
||||
"slope": "x1",
|
||||
"solo": false,
|
||||
"type": "Bell"
|
||||
},
|
||||
"band8": {
|
||||
"frequency": 8000.0,
|
||||
"gain": 2.01,
|
||||
"mode": "RLC (BT)",
|
||||
"mute": false,
|
||||
"q": 4.36,
|
||||
"slope": "x1",
|
||||
"solo": false,
|
||||
"type": "Bell"
|
||||
},
|
||||
"band9": {
|
||||
"frequency": 900.0,
|
||||
"gain": -4.12,
|
||||
"mode": "RLC (BT)",
|
||||
"mute": false,
|
||||
"q": 5.909999999999967,
|
||||
"slope": "x1",
|
||||
"solo": false,
|
||||
"type": "Bell"
|
||||
}
|
||||
},
|
||||
"split-channels": false
|
||||
},
|
||||
"loudness": {
|
||||
"bypass": false,
|
||||
"clipping": false,
|
||||
"clipping-range": 6.0,
|
||||
"fft": "4096",
|
||||
"input-gain": 0.0,
|
||||
"output-gain": 0.0,
|
||||
"std": "ISO226-2003",
|
||||
"volume": 6.999999999999991
|
||||
},
|
||||
"plugins_order": [
|
||||
"loudness",
|
||||
"equalizer"
|
||||
]
|
||||
}
|
||||
}'';
|
||||
in
|
||||
*/
|
||||
{
|
||||
imports = [
|
||||
{
|
||||
system.stateVersion = "24.05";
|
||||
home-manager.users.daniel.home.stateVersion = "24.05";
|
||||
networking.hostName = "foxtrot";
|
||||
}
|
||||
{
|
||||
swapDevices = [
|
||||
# TODO: move this to disko?
|
||||
# NOTE(oninstall):
|
||||
/*
|
||||
sudo btrfs subvolume create /swap
|
||||
sudo btrfs filesystem mkswapfile --size 32g --uuid clear /swap/swapfile
|
||||
sudo swapon /swap/swapfile
|
||||
*/
|
||||
{device = "/swap/swapfile";}
|
||||
];
|
||||
# findmnt -no UUID -T /swap/swapfile
|
||||
boot.resumeDevice = "/dev/disk/by-uuid/81c3354a-f629-4b6b-a249-7705aeb9f0d5";
|
||||
# systemd.sleep.extraConfig = "HibernateDelaySec=180m";
|
||||
services.fwupd.enable = true;
|
||||
services.fwupd.extraRemotes = ["lvfs-testing"];
|
||||
}
|
||||
];
|
||||
|
||||
environment = {
|
||||
systemPackages = with pkgs; [
|
||||
easyeffects
|
||||
godot_4
|
||||
fractal
|
||||
prismlauncher
|
||||
upower
|
||||
acpi
|
||||
prismlauncher
|
||||
radeontop
|
||||
sops
|
||||
xh
|
||||
];
|
||||
};
|
||||
|
||||
home-manager.users.daniel = {
|
||||
home = {
|
||||
pointerCursor = {
|
||||
size = 40;
|
||||
};
|
||||
};
|
||||
|
||||
services.easyeffects = {
|
||||
enable = true;
|
||||
preset = "philonmetal";
|
||||
# clone from https://github.com/ceiphr/ee-framework-presets
|
||||
# then `cp *.json ~/.config/easyeffects/output`
|
||||
# TODO: nixify this
|
||||
};
|
||||
|
||||
services.hypridle = let
|
||||
secondsPerMinute = 60;
|
||||
lockSeconds = 10 * secondsPerMinute;
|
||||
in {
|
||||
settings = {
|
||||
listener = [
|
||||
{
|
||||
timeout = lockSeconds + 55;
|
||||
on-timeout = ''systemctl suspend'';
|
||||
}
|
||||
];
|
||||
};
|
||||
};
|
||||
|
||||
wayland.windowManager.hyprland = {
|
||||
settings = {
|
||||
exec-once = [
|
||||
"eww open bar0"
|
||||
];
|
||||
# See https://wiki.hyprland.org/Configuring/Keywords/ for more
|
||||
monitor = [
|
||||
"eDP-1,2880x1920@120Hz,0x0,1.66667"
|
||||
];
|
||||
};
|
||||
};
|
||||
|
||||
wayland.windowManager.sway = {
|
||||
config = {
|
||||
output = {
|
||||
"BOE NE135A1M-NY1 Unknown" = {
|
||||
mode = "2880x1920@120Hz";
|
||||
position = "1092,2160";
|
||||
scale = toString (5 / 3);
|
||||
};
|
||||
|
||||
"Dell Inc. DELL U2720Q CWTM623" = {
|
||||
mode = "3840x2160@60Hz";
|
||||
position = "0,0";
|
||||
scale = toString 1.25;
|
||||
};
|
||||
|
||||
/*
|
||||
"BOE 0x0BCA Unknown" = {
|
||||
mode = "2256x1504@60Hz";
|
||||
position = "0,0";
|
||||
scale = toString scale;
|
||||
};
|
||||
|
||||
"Dell Inc. DELL U2720Q D3TM623" = {
|
||||
# desktop left vertical monitor
|
||||
mode = "1920x1080@60Hz";
|
||||
# transform = "90";
|
||||
# scale = "1.5";
|
||||
position = "${toString (builtins.floor (2256 / scale))},0";
|
||||
};
|
||||
*/
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
hardware.graphics.extraPackages = [
|
||||
# pkgs.rocmPackages.clr.icd
|
||||
pkgs.amdvlk
|
||||
|
||||
# encoding/decoding acceleration
|
||||
pkgs.libvdpau-va-gl
|
||||
pkgs.vaapiVdpau
|
||||
];
|
||||
|
||||
hardware.amdgpu = {
|
||||
amdvlk = {
|
||||
enable = true;
|
||||
support32Bit = {
|
||||
enable = true;
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
networking.networkmanager.wifi.powersave = false;
|
||||
|
||||
hardware.framework.amd-7040.preventWakeOnAC = true;
|
||||
|
||||
boot = {
|
||||
# kernelPackages = pkgs.linuxPackages_latest;
|
||||
|
||||
# https://github.com/void-linux/void-packages/issues/50417#issuecomment-2131802836 fix framework 13 not shutting down
|
||||
/*
|
||||
kernelPatches = [
|
||||
{
|
||||
name = "framework13shutdownfix";
|
||||
patch = builtins.fetchurl {
|
||||
url = "https://github.com/void-linux/void-packages/files/15445612/0001-Add-hopefully-a-solution-for-shutdown-regression.PATCH";
|
||||
sha256 = "sha256:10zcnzy5hkam2cnxx441b978gzhvnqlcc49k7bpz9dc28xyjik50";
|
||||
};
|
||||
}
|
||||
];
|
||||
*/
|
||||
|
||||
loader = {
|
||||
efi.canTouchEfiVariables = true;
|
||||
systemd-boot.enable = true;
|
||||
};
|
||||
|
||||
# NOTE(oninstall):
|
||||
/*
|
||||
sudo filefrag -v /swap/swapfile | awk '$1=="0:" {print substr($4, 1, length($4)-2)}'
|
||||
the above won't work for btrfs, instead you need btrfs inspect-internal map-swapfile -r /swap/swapfile
|
||||
https://wiki.archlinux.org/title/Power_management/Suspend_and_hibernate#Hibernation_into_swap_file
|
||||
many of these come from https://wiki.archlinux.org/title/Framework_Laptop_13#Suspend
|
||||
*/
|
||||
kernelParams = [
|
||||
"rtc_cmos.use_acpi_alarm=1"
|
||||
"amdgpu.sg_display=0"
|
||||
"acpi_osi=\"!Windows 2020\""
|
||||
|
||||
# "nvme.noacpi=1" # maybe causing crashes upon waking?
|
||||
|
||||
# NOTE(oninstall):
|
||||
"resume_offset=3421665"
|
||||
];
|
||||
initrd.availableKernelModules = ["xhci_pci" "nvme" "thunderbolt"];
|
||||
kernelModules = ["kvm-amd"];
|
||||
};
|
||||
hardware.bluetooth = {
|
||||
enable = true;
|
||||
# TODO: when resuming from hibernation, it would be nice if this would
|
||||
# simply resume the power state at the time of hibernation
|
||||
powerOnBoot = false;
|
||||
|
||||
package = pkgs.bluez.overrideAttrs (finalAttrs: previousAttrs: rec {
|
||||
version = "5.78";
|
||||
src = pkgs.fetchurl {
|
||||
url = "mirror://kernel/linux/bluetooth/bluez-${version}.tar.xz";
|
||||
sha256 = "sha256-gw/tGRXF03W43g9eb0X83qDcxf9f+z0x227Q8A1zxeM=";
|
||||
};
|
||||
patches = [];
|
||||
buildInputs =
|
||||
previousAttrs.buildInputs
|
||||
++ [
|
||||
pkgs.python3Packages.pygments
|
||||
];
|
||||
});
|
||||
};
|
||||
powerManagement.cpuFreqGovernor = "ondemand";
|
||||
/*
|
||||
powerManagement.resumeCommands = ''
|
||||
modprobe -rv mt7921e
|
||||
modprobe -v mt7921e
|
||||
'';
|
||||
*/
|
||||
|
||||
services.power-profiles-daemon = {
|
||||
enable = true;
|
||||
};
|
||||
|
||||
services.fprintd = {
|
||||
enable = false;
|
||||
package = pkgs.fprintd.overrideAttrs {
|
||||
# Source: https://github.com/NixOS/nixpkgs/commit/87ca2dc071581aea0e691c730d6844f1beb07c9f
|
||||
mesonCheckFlags = [
|
||||
# PAM related checks are timing out
|
||||
"--no-suite"
|
||||
"fprintd:TestPamFprintd"
|
||||
];
|
||||
};
|
||||
};
|
||||
|
||||
/*
|
||||
services.tlp = {
|
||||
enable = true;
|
||||
settings = {
|
||||
CPU_ENERGY_PERF_POLICY_ON_BAT = "power";
|
||||
CPU_SCALING_GOVERNOR_ON_BAT = "ondemand";
|
||||
CPU_MIN_PERF_ON_BAT = 0;
|
||||
CPU_MAX_PERF_ON_BAT = 80;
|
||||
|
||||
CPU_SCALING_GOVERNOR_ON_AC = "performance";
|
||||
CPU_ENERGY_PERF_POLICY_ON_AC = "performance";
|
||||
CPU_MIN_PERF_ON_AC = 0;
|
||||
CPU_MAX_PERF_ON_AC = 100;
|
||||
};
|
||||
};
|
||||
*/
|
||||
|
||||
networking.firewall.allowedTCPPorts = let
|
||||
stardewValley = 24642;
|
||||
factorio = 34197;
|
||||
in [
|
||||
8000 # dev stuff
|
||||
factorio
|
||||
stardewValley
|
||||
7777
|
||||
];
|
||||
networking.firewall.allowedUDPPorts = let
|
||||
stardewValley = 24642;
|
||||
factorio = 34197;
|
||||
in [
|
||||
8000 # dev stuff
|
||||
factorio
|
||||
stardewValley
|
||||
7777
|
||||
];
|
||||
}
|
|
@ -1,190 +0,0 @@
|
|||
{
|
||||
flake,
|
||||
inputs,
|
||||
outputs,
|
||||
lib,
|
||||
# config,
|
||||
pkgs,
|
||||
...
|
||||
}: {
|
||||
networking.hostName = "foxtrot";
|
||||
|
||||
imports =
|
||||
[
|
||||
inputs.disko.nixosModules.disko
|
||||
flake.diskoConfigurations.standard
|
||||
]
|
||||
++ (with outputs.nixosModules; [
|
||||
desktop-usage
|
||||
podman
|
||||
postgres
|
||||
wifi
|
||||
# hyprland
|
||||
])
|
||||
++ [
|
||||
inputs.hardware.nixosModules.framework-13-7040-amd
|
||||
];
|
||||
|
||||
# use updated ppd for framework 13:
|
||||
# source: https://community.frame.work/t/tracking-ppd-v-tlp-for-amd-ryzen-7040/39423/137?u=lytedev
|
||||
nixpkgs.overlays = [
|
||||
(
|
||||
final: prev: {
|
||||
power-profiles-daemon = prev.power-profiles-daemon.overrideAttrs (
|
||||
old: {
|
||||
version = "0.13-1";
|
||||
|
||||
patches =
|
||||
(old.patches or [])
|
||||
++ [
|
||||
(prev.fetchpatch {
|
||||
url = "https://gitlab.freedesktop.org/upower/power-profiles-daemon/-/merge_requests/127.patch";
|
||||
sha256 = "sha256-jnq5yJvWQHOlZ78SE/4/HqiQfF25YHQH/T4wwDVRHR0=";
|
||||
})
|
||||
(prev.fetchpatch {
|
||||
url = "https://gitlab.freedesktop.org/upower/power-profiles-daemon/-/merge_requests/128.patch";
|
||||
sha256 = "sha256-YD9wn9IQlCp02r4lmwRnx9Eur2VVP1JfC/Bm8hlzF3Q=";
|
||||
})
|
||||
(prev.fetchpatch {
|
||||
url = "https://gitlab.freedesktop.org/upower/power-profiles-daemon/-/merge_requests/129.patch";
|
||||
sha256 = "sha256-9T+I3BAUW3u4LldF85ctE0/PLu9u+KBN4maoL653WJU=";
|
||||
})
|
||||
];
|
||||
|
||||
# explicitly fetching the source to make sure we're patching over 0.13 (this isn't strictly needed):
|
||||
src = prev.fetchFromGitLab {
|
||||
domain = "gitlab.freedesktop.org";
|
||||
owner = "hadess";
|
||||
repo = "power-profiles-daemon";
|
||||
rev = "0.13";
|
||||
sha256 = "sha256-ErHy+shxZQ/aCryGhovmJ6KmAMt9OZeQGDbHIkC0vUE=";
|
||||
};
|
||||
}
|
||||
);
|
||||
}
|
||||
)
|
||||
];
|
||||
|
||||
swapDevices = [
|
||||
# TODO: move this to disko?
|
||||
# NOTE(oninstall):
|
||||
# sudo btrfs subvolume create /swap
|
||||
# sudo btrfs filesystem mkswapfile --size 32g --uuid clear /swap/swapfile
|
||||
# sudo swapon /swap/swapfile
|
||||
{device = "/swap/swapfile";}
|
||||
];
|
||||
|
||||
# findmnt -no UUID -T /swap/swapfile
|
||||
boot.resumeDevice = "/dev/disk/by-uuid/81c3354a-f629-4b6b-a249-7705aeb9f0d5";
|
||||
|
||||
services.logind = {
|
||||
lidSwitch = "suspend-then-hibernate";
|
||||
extraConfig = ''
|
||||
HandlePowerKey=suspend-then-hibernate
|
||||
IdleAction=suspend-then-hibernate
|
||||
IdleActionSec=10m
|
||||
'';
|
||||
};
|
||||
systemd.sleep.extraConfig = "HibernateDelaySec=90m";
|
||||
|
||||
services.fwupd.enable = true;
|
||||
services.fwupd.extraRemotes = ["lvfs-testing"];
|
||||
|
||||
hardware.opengl.extraPackages = [
|
||||
# pkgs.rocmPackages.clr.icd
|
||||
pkgs.amdvlk
|
||||
# encoding/decoding acceleration
|
||||
pkgs.libvdpau-va-gl
|
||||
pkgs.vaapiVdpau
|
||||
];
|
||||
|
||||
hardware.wirelessRegulatoryDatabase = true;
|
||||
|
||||
hardware.framework.amd-7040.preventWakeOnAC = true;
|
||||
|
||||
boot = {
|
||||
kernelPackages = pkgs.linuxPackages_latest; # seeing if using the stable kernel makes wow work
|
||||
|
||||
loader = {
|
||||
efi.canTouchEfiVariables = true;
|
||||
systemd-boot.enable = true;
|
||||
};
|
||||
|
||||
# NOTE(oninstall):
|
||||
# sudo filefrag -v /swap/swapfile | awk '$1=="0:" {print substr($4, 1, length($4)-2)}'
|
||||
# the above won't work for btrfs, instead you need
|
||||
# btrfs inspect-internal map-swapfile -r /swap/swapfile
|
||||
# https://wiki.archlinux.org/title/Power_management/Suspend_and_hibernate#Hibernation_into_swap_file
|
||||
# many of these come from https://wiki.archlinux.org/title/Framework_Laptop_13#Suspend
|
||||
kernelParams = [
|
||||
"amdgpu.sg_display=0"
|
||||
"acpi_osi=\"!Windows 2020\""
|
||||
# NOTE(oninstall):
|
||||
"resume_offset=3421665"
|
||||
# "nvme.noacpi=1" # maybe causing crashes upon waking?
|
||||
"rtc_cmos.use_acpi_alarm=1"
|
||||
];
|
||||
initrd.availableKernelModules = ["xhci_pci" "nvme" "thunderbolt"];
|
||||
kernelModules = ["kvm-amd"];
|
||||
extraModprobeConfig = ''
|
||||
options cfg80211 ieee80211_regdom="US"
|
||||
'';
|
||||
};
|
||||
hardware.bluetooth = {
|
||||
enable = true;
|
||||
powerOnBoot = false;
|
||||
};
|
||||
powerManagement.cpuFreqGovernor = lib.mkDefault "ondemand";
|
||||
services.printing.enable = true;
|
||||
services.printing.browsing = true;
|
||||
services.printing.browsedConf = ''
|
||||
BrowseDNSSDSubTypes _cups,_print
|
||||
BrowseLocalProtocols all
|
||||
BrowseRemoteProtocols all
|
||||
CreateIPPPrinterQueues All
|
||||
|
||||
BrowseProtocols all
|
||||
'';
|
||||
services.printing.drivers = [pkgs.gutenprint];
|
||||
services.avahi = {
|
||||
enable = true;
|
||||
reflector = true;
|
||||
openFirewall = true;
|
||||
nssmdns = true;
|
||||
};
|
||||
|
||||
services.fprintd = {
|
||||
enable = false;
|
||||
# tod.enable = true;
|
||||
# tod.driver = pkgs.libfprint-2-tod1-goodix;
|
||||
};
|
||||
services.power-profiles-daemon = {
|
||||
enable = true;
|
||||
};
|
||||
services.tlp = {
|
||||
enable = false;
|
||||
settings = {
|
||||
CPU_ENERGY_PERF_POLICY_ON_BAT = "power";
|
||||
CPU_SCALING_GOVERNOR_ON_BAT = "ondemand";
|
||||
CPU_MIN_PERF_ON_BAT = 0;
|
||||
CPU_MAX_PERF_ON_BAT = 60;
|
||||
|
||||
CPU_SCALING_GOVERNOR_ON_AC = "performance";
|
||||
CPU_ENERGY_PERF_POLICY_ON_AC = "performance";
|
||||
CPU_MIN_PERF_ON_AC = 0;
|
||||
CPU_MAX_PERF_ON_AC = 100;
|
||||
};
|
||||
};
|
||||
powerManagement.powertop.enable = true;
|
||||
|
||||
networking = {
|
||||
firewall = {
|
||||
enable = true;
|
||||
allowPing = true;
|
||||
allowedTCPPorts = [22];
|
||||
allowedUDPPorts = [];
|
||||
};
|
||||
};
|
||||
|
||||
system.stateVersion = "24.05";
|
||||
}
|
44
nixos/htpc.nix
Normal file
44
nixos/htpc.nix
Normal file
|
@ -0,0 +1,44 @@
|
|||
{
|
||||
pkgs,
|
||||
config,
|
||||
lib,
|
||||
...
|
||||
}: {
|
||||
networking.hostName = "htpc";
|
||||
|
||||
networking.networkmanager.enable = true;
|
||||
|
||||
boot.loader.grub.enable = true;
|
||||
boot.loader.grub.device = "/dev/sda";
|
||||
boot.loader.grub.useOSProber = true;
|
||||
|
||||
boot.initrd.availableKernelModules = ["xhci_pci" "ahci" "usbhid" "usb_storage" "sd_mod"];
|
||||
boot.initrd.kernelModules = ["8821au" "8812au"];
|
||||
boot.kernelModules = ["kvm-intel"];
|
||||
boot.extraModulePackages = [
|
||||
# pkgs.rtl8811au
|
||||
config.boot.kernelPackages.rtl8812au
|
||||
config.boot.kernelPackages.rtl8821au
|
||||
];
|
||||
|
||||
fileSystems."/" = {
|
||||
device = "/dev/disk/by-uuid/86d8ded0-1c6f-4a79-901c-2d59c11b5ca8";
|
||||
fsType = "ext4";
|
||||
};
|
||||
|
||||
swapDevices = [];
|
||||
|
||||
hardware.bluetooth = {
|
||||
enable = true;
|
||||
# package = pkgs.bluez;
|
||||
settings = {
|
||||
General = {
|
||||
AutoConnect = true;
|
||||
MultiProfile = "multiple";
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
|
||||
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
|
||||
}
|
144
nixos/htpifour.nix
Normal file
144
nixos/htpifour.nix
Normal file
|
@ -0,0 +1,144 @@
|
|||
{
|
||||
pkgs,
|
||||
lib,
|
||||
hardware,
|
||||
outputs,
|
||||
modulesPath,
|
||||
...
|
||||
}: {
|
||||
nixpkgs.hostPlatform = "aarch64-linux";
|
||||
networking.hostName = "htpifour";
|
||||
|
||||
imports = with outputs.nixosModules; [
|
||||
(modulesPath + "/installer/scan/not-detected.nix")
|
||||
hardware.nixosModules.raspberry-pi-4
|
||||
outputs.diskoConfigurations.unencrypted
|
||||
desktop-usage
|
||||
# gnome
|
||||
kde-plasma
|
||||
wifi
|
||||
flanfam
|
||||
flanfamkiosk
|
||||
];
|
||||
|
||||
hardware = {
|
||||
raspberry-pi."4".apply-overlays-dtmerge.enable = true;
|
||||
deviceTree = {
|
||||
enable = true;
|
||||
filter = "*rpi-4-*.dtb";
|
||||
};
|
||||
};
|
||||
console.enable = false;
|
||||
|
||||
home-manager.users.daniel = {
|
||||
imports = with outputs.homeManagerModules; [linux-desktop wallpaper-manager];
|
||||
};
|
||||
|
||||
environment.systemPackages = with pkgs;
|
||||
#with pkgs;
|
||||
[
|
||||
# libcec
|
||||
libraspberrypi
|
||||
raspberrypi-eeprom
|
||||
];
|
||||
|
||||
programs.steam.enable = true;
|
||||
programs.steam.remotePlay.openFirewall = true;
|
||||
|
||||
services.xserver = {
|
||||
displayManager = {
|
||||
# lightdm.enable = true;
|
||||
autoLogin.enable = true;
|
||||
autoLogin.user = "daniel";
|
||||
};
|
||||
# videoDrivers = ["fbdev"];
|
||||
};
|
||||
|
||||
hardware.raspberry-pi."4".fkms-3d.enable = true;
|
||||
hardware.raspberry-pi."4".audio.enable = true;
|
||||
|
||||
nixpkgs.overlays = [
|
||||
/*
|
||||
nixos-22.05
|
||||
(self: super: { libcec = super.libcec.override { inherit (self) libraspberrypi; }; })
|
||||
nixos-22.11
|
||||
(self: super: {libcec = super.libcec.override {withLibraspberrypi = true;};})
|
||||
*/
|
||||
];
|
||||
|
||||
# Workaround for GNOME autologin: https://github.com/NixOS/nixpkgs/issues/103746#issuecomment-945091229
|
||||
/*
|
||||
systemd.services."getty@tty1".enable = false;
|
||||
systemd.services."autovt@tty1".enable = false;
|
||||
*/
|
||||
|
||||
# hardware
|
||||
systemd.targets.sleep.enable = false;
|
||||
systemd.targets.suspend.enable = false;
|
||||
systemd.targets.hibernate.enable = false;
|
||||
systemd.targets.hybrid-sleep.enable = false;
|
||||
|
||||
powerManagement.enable = false;
|
||||
|
||||
boot = {
|
||||
kernelPackages = pkgs.linuxKernel.packages.linux_rpi4;
|
||||
initrd.availableKernelModules = ["xhci_pci" "usbhid" "usb_storage"];
|
||||
loader = {
|
||||
grub.enable = false;
|
||||
generic-extlinux-compatible.enable = true;
|
||||
};
|
||||
};
|
||||
|
||||
networking = {
|
||||
networkmanager.enable = true;
|
||||
# useDHCP = true;
|
||||
|
||||
firewall = {
|
||||
enable = true;
|
||||
allowPing = true;
|
||||
allowedTCPPorts = [
|
||||
22 # ssh
|
||||
];
|
||||
allowedUDPPorts = [];
|
||||
};
|
||||
};
|
||||
|
||||
/*
|
||||
services.udev.extraRules = ''
|
||||
# allow access to raspi cec device for video group (and optionally register it as a systemd device, used below)
|
||||
SUBSYSTEM=="vchiq", GROUP="video", MODE="0660", TAG+="systemd", ENV{SYSTEMD_ALIAS}="/dev/vchiq"
|
||||
'';
|
||||
|
||||
powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
|
||||
|
||||
optional: attach a persisted cec-client to `/run/cec.fifo`, to avoid the CEC ~1s startup delay per command
|
||||
scan for devices: `echo 'scan' > /run/cec.fifo ; journalctl -u cec-client.service`
|
||||
set pi as active source: `echo 'as' > /run/cec.fifo`
|
||||
systemd.sockets."cec-client" = {
|
||||
after = ["dev-vchiq.device"];
|
||||
bindsTo = ["dev-vchiq.device"];
|
||||
wantedBy = ["sockets.target"];
|
||||
socketConfig = {
|
||||
ListenFIFO = "/run/cec.fifo";
|
||||
SocketGroup = "video";
|
||||
SocketMode = "0660";
|
||||
};
|
||||
};
|
||||
systemd.services."cec-client" = {
|
||||
after = ["dev-vchiq.device"];
|
||||
bindsTo = ["dev-vchiq.device"];
|
||||
wantedBy = ["multi-user.target"];
|
||||
serviceConfig = {
|
||||
ExecStart = ''${pkgs.libcec}/bin/cec-client -d 1'';
|
||||
ExecStop = ''/bin/sh -c "echo q > /run/cec.fifo"'';
|
||||
StandardInput = "socket";
|
||||
StandardOutput = "journal";
|
||||
Restart = "no";
|
||||
};
|
||||
};
|
||||
*/
|
||||
|
||||
hardware.graphics.driSupport32Bit = lib.mkForce false;
|
||||
|
||||
system.stateVersion = "24.05";
|
||||
}
|
|
@ -1,28 +0,0 @@
|
|||
{
|
||||
flake,
|
||||
inputs,
|
||||
outputs,
|
||||
# lib,
|
||||
# config,
|
||||
# pkgs,
|
||||
...
|
||||
}: {
|
||||
networking.hostName = "musicbox";
|
||||
|
||||
imports =
|
||||
[
|
||||
inputs.disko.nixosModules.disko
|
||||
flake.diskoConfigurations.unencrypted
|
||||
]
|
||||
++ (with outputs.nixosModules; [
|
||||
desktop-usage
|
||||
wifi
|
||||
]);
|
||||
|
||||
boot.loader.systemd-boot.enable = true;
|
||||
boot.loader.efi.canTouchEfiVariables = true;
|
||||
hardware.bluetooth.enable = true;
|
||||
networking.networkmanager.enable = true;
|
||||
|
||||
system.stateVersion = "23.05";
|
||||
}
|
78
nixos/rascal.nix
Normal file
78
nixos/rascal.nix
Normal file
|
@ -0,0 +1,78 @@
|
|||
{
|
||||
config,
|
||||
modulesPath,
|
||||
...
|
||||
}: {
|
||||
imports = [
|
||||
(modulesPath + "/installer/scan/not-detected.nix")
|
||||
];
|
||||
|
||||
boot.initrd.availableKernelModules = ["xhci_pci" "ahci" "ehci_pci" "usbhid" "uas" "sd_mod"];
|
||||
boot.kernelModules = ["kvm-amd"];
|
||||
|
||||
fileSystems."/" = {
|
||||
device = "/dev/disk/by-uuid/2e2ad73a-6264-4a7b-8439-9c05295d903d";
|
||||
fsType = "f2fs";
|
||||
};
|
||||
|
||||
fileSystems."/storage" = {
|
||||
device = "/dev/disk/by-uuid/410fa651-4918-447c-9337-97cc12ff6d2a";
|
||||
fsType = "ext4";
|
||||
};
|
||||
|
||||
boot.loader.grub = {
|
||||
enable = true;
|
||||
device = "/dev/sda";
|
||||
};
|
||||
|
||||
users.groups.beefcake = {};
|
||||
users.users = {
|
||||
beefcake = {
|
||||
isSystemUser = true;
|
||||
createHome = true;
|
||||
home = "/storage/backups/beefcake";
|
||||
group = "beefcake";
|
||||
extraGroups = ["sftponly"];
|
||||
openssh.authorizedKeys.keys =
|
||||
config.users.users.daniel.openssh.authorizedKeys.keys
|
||||
++ [
|
||||
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIK7HrojwoyHED+A/FzRjYmIL0hzofwBd9IYHH6yV0oPO root@beefcake"
|
||||
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAOEI82VdbyR1RYqSnFtlffHBtHFdXO0v9RmQH7GkfXo restic@beefcake"
|
||||
];
|
||||
};
|
||||
|
||||
daniel = {
|
||||
# used for restic backups
|
||||
isNormalUser = true;
|
||||
extraGroups = ["users" "wheel" "video" "dialout" "uucp"];
|
||||
openssh.authorizedKeys.keys = [
|
||||
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAPLXOjupz3ScYjgrF+ehrbp9OvGAWQLI6fplX6w9Ijb daniel@lyte.dev"
|
||||
];
|
||||
};
|
||||
|
||||
root = {
|
||||
openssh.authorizedKeys.keys = config.users.users.daniel.openssh.authorizedKeys.keys;
|
||||
};
|
||||
};
|
||||
|
||||
services.openssh.extraConfig = ''
|
||||
Match Group sftponly
|
||||
ChrootDirectory /storage/backups/%u
|
||||
ForceCommand internal-sftp
|
||||
AllowTcpForwarding no
|
||||
'';
|
||||
|
||||
networking = {
|
||||
hostName = "rascal";
|
||||
networkmanager.enable = true;
|
||||
firewall = {
|
||||
enable = true;
|
||||
allowPing = true;
|
||||
allowedTCPPorts = [22];
|
||||
};
|
||||
};
|
||||
|
||||
services.tailscale.useRoutingFeatures = "server";
|
||||
|
||||
system.stateVersion = "24.05";
|
||||
}
|
|
@ -1,42 +0,0 @@
|
|||
{
|
||||
inputs,
|
||||
# outputs,
|
||||
config,
|
||||
modulesPath,
|
||||
...
|
||||
}: {
|
||||
imports = [
|
||||
inputs.hardware.nixosModules.common-cpu-amd
|
||||
(modulesPath + "/installer/scan/not-detected.nix")
|
||||
];
|
||||
|
||||
boot.initrd.availableKernelModules = ["xhci_pci" "ahci" "ehci_pci" "usbhid" "uas" "sd_mod"];
|
||||
boot.kernelModules = ["kvm-amd"];
|
||||
|
||||
fileSystems."/" = {
|
||||
device = "/dev/disk/by-uuid/2e2ad73a-6264-4a7b-8439-9c05295d903d";
|
||||
fsType = "f2fs";
|
||||
};
|
||||
|
||||
boot.loader.grub = {
|
||||
enable = true;
|
||||
device = "/dev/sda";
|
||||
};
|
||||
|
||||
networking = {
|
||||
hostName = "rascal";
|
||||
networkmanager.enable = true;
|
||||
};
|
||||
|
||||
users.users.beefcake = {
|
||||
# used for restic backups
|
||||
isNormalUser = true;
|
||||
openssh.authorizedKeys.keys =
|
||||
config.users.users.daniel.openssh.authorizedKeys.keys
|
||||
++ [
|
||||
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIK7HrojwoyHED+A/FzRjYmIL0hzofwBd9IYHH6yV0oPO root@beefcake"
|
||||
];
|
||||
};
|
||||
|
||||
system.stateVersion = "22.05";
|
||||
}
|
769
nixos/router.nix
Normal file
769
nixos/router.nix
Normal file
|
@ -0,0 +1,769 @@
|
|||
{
|
||||
config,
|
||||
lib,
|
||||
# outputs,
|
||||
pkgs,
|
||||
...
|
||||
}: let
|
||||
/*
|
||||
NOTE: My goal is to be able to apply most of the common tweaks to the router
|
||||
either live on the system for ad-hoc changes (such as forwarding a port for a
|
||||
multiplayer game) or to tweak these values just below without reaching deeper
|
||||
into the modules' implementation of these configuration values
|
||||
NOTE: I could turn this into a cool NixOS module?
|
||||
TODO: review https://francis.begyn.be/blog/nixos-home-router
|
||||
TODO: more recent: https://github.com/ghostbuster91/blogposts/blob/a2374f0039f8cdf4faddeaaa0347661ffc2ec7cf/router2023-part2/main.md
|
||||
*/
|
||||
hostname = "router";
|
||||
domain = "h.lyte.dev";
|
||||
ip = "192.168.0.1";
|
||||
cidr = "${ip}/16";
|
||||
netmask = "255.255.255.0"; # see cidr
|
||||
dhcp_lease_space = {
|
||||
min = "192.168.0.30";
|
||||
max = "192.168.0.250";
|
||||
};
|
||||
interfaces = {
|
||||
wan = {
|
||||
name = "wan";
|
||||
mac = "00:01:2e:82:73:59";
|
||||
};
|
||||
lan = {
|
||||
name = "lan";
|
||||
mac = "00:01:2e:82:73:5a";
|
||||
};
|
||||
};
|
||||
hosts = {
|
||||
dragon = {
|
||||
ip = "192.168.0.10";
|
||||
};
|
||||
bald = {
|
||||
ip = "192.168.0.11";
|
||||
additionalHosts = [
|
||||
"ourcraft.lyte.dev"
|
||||
];
|
||||
};
|
||||
beefcake = {
|
||||
ip = "192.168.0.9";
|
||||
additionalHosts = [
|
||||
".beefcake.lan"
|
||||
"nix.h.lyte.dev"
|
||||
"idm.h.lyte.dev"
|
||||
"git.lyte.dev"
|
||||
"video.lyte.dev"
|
||||
"paperless.h.lyte.dev"
|
||||
"audio.lyte.dev"
|
||||
"a.lyte.dev"
|
||||
"bw.lyte.dev"
|
||||
"files.lyte.dev"
|
||||
"vpn.h.lyte.dev"
|
||||
"atuin.h.lyte.dev"
|
||||
"grafana.h.lyte.dev"
|
||||
"prometheus.h.lyte.dev"
|
||||
"finances.h.lyte.dev"
|
||||
"nextcloud.h.lyte.dev"
|
||||
"onlyoffice.h.lyte.dev"
|
||||
"a.lyte.dev"
|
||||
];
|
||||
};
|
||||
};
|
||||
sysctl-entries = {
|
||||
"net.ipv4.conf.all.forwarding" = true;
|
||||
"net.ipv6.conf.all.forwarding" = true;
|
||||
|
||||
"net.ipv4.conf.default.rp_filter" = 1;
|
||||
"net.ipv4.conf.${interfaces.wan.name}.rp_filter" = 1;
|
||||
"net.ipv4.conf.${interfaces.lan.name}.rp_filter" = 0;
|
||||
|
||||
"net.ipv6.conf.${interfaces.wan.name}.accept_ra" = 2;
|
||||
"net.ipv6.conf.${interfaces.wan.name}.autoconf" = 1;
|
||||
|
||||
"net.ipv6.conf.all.use_tempaddr" = 2;
|
||||
"net.ipv6.conf.default.use_tempaddr" = lib.mkForce 2;
|
||||
"net.ipv6.conf.${interfaces.wan.name}.use_tempaddr" = 2;
|
||||
# "net.ipv6.conf.${interfaces.wan.name}.addr_gen_mode" = 2;
|
||||
};
|
||||
in {
|
||||
imports = [
|
||||
{
|
||||
# hardware
|
||||
boot = {
|
||||
loader = {
|
||||
efi.canTouchEfiVariables = true;
|
||||
systemd-boot.enable = true;
|
||||
};
|
||||
initrd.availableKernelModules = ["xhci_pci"];
|
||||
initrd.kernelModules = [];
|
||||
kernelModules = ["kvm-intel"];
|
||||
extraModulePackages = [];
|
||||
};
|
||||
|
||||
nixpkgs.hostPlatform = "x86_64-linux";
|
||||
powerManagement.cpuFreqGovernor = "performance";
|
||||
hardware.cpu.intel.updateMicrocode = true;
|
||||
}
|
||||
];
|
||||
|
||||
environment.systemPackages = with pkgs; [
|
||||
iftop
|
||||
];
|
||||
|
||||
sops = {
|
||||
defaultSopsFile = ../secrets/router/secrets.yml;
|
||||
age = {
|
||||
sshKeyPaths = ["/etc/ssh/ssh_host_ed25519_key"];
|
||||
keyFile = "/var/lib/sops-nix/key.txt";
|
||||
generateKey = true;
|
||||
};
|
||||
secrets = {
|
||||
netlify-ddns-password = {mode = "0400";};
|
||||
};
|
||||
};
|
||||
services.deno-netlify-ddns-client = {
|
||||
passwordFile = config.sops.secrets.netlify-ddns-password.path;
|
||||
};
|
||||
|
||||
boot.kernel.sysctl =
|
||||
sysctl-entries
|
||||
// {
|
||||
};
|
||||
|
||||
networking = {
|
||||
hostName = hostname;
|
||||
domain = domain;
|
||||
|
||||
# disable some of the sane defaults
|
||||
useDHCP = false;
|
||||
firewall.enable = false;
|
||||
|
||||
# use systemd.network for network interface configuration
|
||||
useNetworkd = true;
|
||||
|
||||
# maybe we need this?
|
||||
nat.enable = true;
|
||||
|
||||
extraHosts = ''
|
||||
127.0.0.1 localhost
|
||||
127.0.0.2 ${hostname}.${domain} ${hostname}
|
||||
${ip} ${hostname}.${domain} ${hostname}
|
||||
|
||||
::1 localhost ip6-localhost ip6-loopback
|
||||
ff02::1 ip6-allnodes
|
||||
ff02::2 ip6-allrouters
|
||||
'';
|
||||
|
||||
# the main meat and potatoes for most routers, the firewall configuration
|
||||
# TODO: IPv6
|
||||
nftables = let
|
||||
inf = {
|
||||
lan = interfaces.lan.name;
|
||||
wan = interfaces.wan.name;
|
||||
};
|
||||
in {
|
||||
enable = true;
|
||||
checkRuleset = true;
|
||||
ruleset = with inf; ''
|
||||
table inet filter {
|
||||
## set LANv4 {
|
||||
## type ipv4_addr
|
||||
## flags interval
|
||||
## elements = { 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16, 169.254.0.0/16 }
|
||||
## }
|
||||
## set LANv6 {
|
||||
## type ipv6_addr
|
||||
## flags interval
|
||||
## elements = { fd00::/8, fe80::/10 }
|
||||
## }
|
||||
## TODO: maybe tailnet?
|
||||
|
||||
## chain my_input_lan {
|
||||
## udp sport 1900 udp dport >= 1024 meta pkttype unicast limit rate 4/second burst 20 packets accept comment "Accept UPnP IGD port mapping reply"
|
||||
## udp sport netbios-ns udp dport >= 1024 meta pkttype unicast accept comment "Accept Samba Workgroup browsing replies"
|
||||
## }
|
||||
|
||||
chain input {
|
||||
type filter hook input priority 0; policy drop;
|
||||
|
||||
iif lo accept comment "Accept any localhost traffic"
|
||||
ct state invalid drop comment "Drop invalid connections"
|
||||
ct state established,related accept comment "Accept traffic originated from us"
|
||||
|
||||
meta l4proto ipv6-icmp accept comment "Accept ICMPv6"
|
||||
meta l4proto icmp accept comment "Accept ICMP"
|
||||
ip protocol igmp accept comment "Accept IGMP"
|
||||
|
||||
ip6 nexthdr icmpv6 icmpv6 type nd-router-solicit accept
|
||||
ip6 nexthdr icmpv6 icmpv6 type nd-router-advert accept comment "Accept IPv6 router advertisements"
|
||||
udp dport dhcpv6-client accept comment "IPv6 DHCP"
|
||||
|
||||
ip6 nexthdr icmpv6 icmpv6 type { echo-request, nd-neighbor-solicit, nd-neighbor-advert, nd-router-solicit, nd-router-advert, mld-listener-query, destination-unreachable, packet-too-big, time-exceeded, parameter-problem } accept comment "Accept IPv6 ICMP and meta stuff"
|
||||
ip protocol icmp icmp type { echo-request, destination-unreachable, router-advertisement, time-exceeded, parameter-problem } accept comment "Accept IPv4 ICMP and meta stuff"
|
||||
ip protocol icmpv6 accept
|
||||
ip protocol icmp accept
|
||||
meta l4proto ipv6-icmp counter accept
|
||||
udp dport dhcpv6-client counter accept
|
||||
|
||||
udp dport mdns ip6 daddr ff02::fb accept comment "Accept mDNS"
|
||||
udp dport mdns ip daddr 224.0.0.251 accept comment "Accept mDNS"
|
||||
|
||||
tcp dport 2201 accept comment "Accept SSH on port 2201"
|
||||
tcp dport 53 accept comment "Accept DNS"
|
||||
udp dport 53 accept comment "Accept DNS"
|
||||
|
||||
tcp dport { 80, 443 } accept comment "Allow HTTP/HTTPS to server (see nat prerouting)"
|
||||
udp dport { 80, 443 } accept comment "Allow QUIC to server (see nat prerouting)"
|
||||
tcp dport { 22 } accept comment "Allow SSH to server (see nat prerouting)"
|
||||
tcp dport { 25565 } accept comment "Allow Minecraft server connections (see nat prerouting)"
|
||||
udp dport { 34197 } accept comment "Allow Factorio server connections (see nat prerouting)"
|
||||
|
||||
iifname "${lan}" accept comment "Allow local network to access the router"
|
||||
iifname "tailscale0" accept comment "Allow local network to access the router"
|
||||
|
||||
## ip6 saddr @LANv6 jump my_input_lan comment "Connections from private IP address ranges"
|
||||
## ip saddr @LANv4 jump my_input_lan comment "Connections from private IP address ranges"
|
||||
|
||||
iifname "${wan}" counter drop comment "Drop all other unsolicited traffic from wan"
|
||||
}
|
||||
|
||||
chain output {
|
||||
type filter hook output priority 0;
|
||||
accept
|
||||
}
|
||||
|
||||
chain forward {
|
||||
type filter hook forward priority 0;
|
||||
accept
|
||||
}
|
||||
|
||||
## chain forward {
|
||||
## type filter hook forward priority filter; policy drop;
|
||||
|
||||
## iifname { "${lan}" } oifname { "${wan}" } accept comment "Allow trusted LAN to WAN"
|
||||
## iifname { "tailscale0" } oifname { "${wan}" } accept comment "Allow trusted LAN to WAN"
|
||||
## iifname { "${wan}" } oifname { "${lan}" } ct state { established, related } accept comment "Allow established back to LAN"
|
||||
## }
|
||||
}
|
||||
|
||||
table ip nat {
|
||||
chain prerouting {
|
||||
type nat hook prerouting priority dstnat;
|
||||
|
||||
iifname ${lan} accept
|
||||
iifname tailscale0 accept
|
||||
|
||||
iifname ${wan} tcp dport {22} dnat to ${hosts.beefcake.ip}
|
||||
iifname ${wan} tcp dport {80, 443} dnat to ${hosts.beefcake.ip}
|
||||
iifname ${wan} udp dport {80, 443} dnat to ${hosts.beefcake.ip}
|
||||
iifname ${wan} tcp dport {26966} dnat to ${hosts.beefcake.ip}
|
||||
iifname ${wan} tcp dport {25565} dnat to ${hosts.bald.ip}
|
||||
iifname ${wan} udp dport {25565} dnat to ${hosts.bald.ip}
|
||||
iifname ${wan} udp dport {34197} dnat to ${hosts.beefcake.ip}
|
||||
}
|
||||
|
||||
chain postrouting {
|
||||
type nat hook postrouting priority 100; policy accept;
|
||||
oifname "${wan}" masquerade
|
||||
}
|
||||
}
|
||||
'';
|
||||
};
|
||||
|
||||
# NOTE: see flake.nix 'nnf.nixosModules.default'
|
||||
/*
|
||||
nftables.firewall = let
|
||||
me = config.networking.nftables.firewall.localZoneName;
|
||||
in {
|
||||
enable = true;
|
||||
snippets.nnf-common.enable = true;
|
||||
|
||||
zones = {
|
||||
${interfaces.wan.name} = {
|
||||
interfaces = [interfaces.wan.name interfaces.lan.name];
|
||||
};
|
||||
${interfaces.lan.name} = {
|
||||
parent = interfaces.wan.name;
|
||||
ipv4Addresses = [cidr];
|
||||
};
|
||||
## banned = {
|
||||
## ingressExpression = [
|
||||
## "ip saddr @banlist"
|
||||
## "ip6 saddr @banlist6"
|
||||
## ];
|
||||
## egressExpression = [
|
||||
## "ip daddr @banlist"
|
||||
## "ip6 daddr @banlist6"
|
||||
## ];
|
||||
## };
|
||||
};
|
||||
|
||||
rules = {
|
||||
dhcp = {
|
||||
from = "all";
|
||||
to = [hosts.beefcake.ip];
|
||||
allowedTCPPorts = [67];
|
||||
allowedUDPPorts = [67];
|
||||
};
|
||||
http = {
|
||||
from = "all";
|
||||
to = [me];
|
||||
allowedTCPPorts = [80 443];
|
||||
};
|
||||
router-ssh = {
|
||||
from = "all";
|
||||
to = [me];
|
||||
allowedTCPPorts = [2201];
|
||||
};
|
||||
server-ssh = {
|
||||
from = "all";
|
||||
to = [hosts.beefcake.ip];
|
||||
allowedTCPPorts = [22];
|
||||
};
|
||||
};
|
||||
};
|
||||
*/
|
||||
};
|
||||
|
||||
systemd.network = {
|
||||
enable = true;
|
||||
# wait-online.anyInterface = true;
|
||||
|
||||
# configure known names for the network interfaces
|
||||
links = {
|
||||
"20-${interfaces.wan.name}" = {
|
||||
enable = true;
|
||||
matchConfig = {
|
||||
MACAddress = interfaces.wan.mac;
|
||||
};
|
||||
linkConfig = {
|
||||
Name = interfaces.wan.name;
|
||||
};
|
||||
};
|
||||
"30-${interfaces.lan.name}" = {
|
||||
enable = true;
|
||||
matchConfig = {
|
||||
MACAddress = interfaces.lan.mac;
|
||||
};
|
||||
linkConfig = {
|
||||
Name = interfaces.lan.name;
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
# configure networks for the interfaces
|
||||
networks = {
|
||||
# LAN configuration is very simple and mostly forwarded between
|
||||
# TODO: IPv6
|
||||
"50-${interfaces.lan.name}" = {
|
||||
matchConfig.Name = "${interfaces.lan.name}";
|
||||
linkConfig = {
|
||||
RequiredForOnline = "enslaved";
|
||||
# Name = interfaces.lan.name;
|
||||
};
|
||||
|
||||
address = [
|
||||
cidr
|
||||
];
|
||||
networkConfig = {
|
||||
# Description = "LAN network - connection to switch in house";
|
||||
ConfigureWithoutCarrier = true;
|
||||
# IPv6AcceptRA = false;
|
||||
IPv6SendRA = true;
|
||||
DHCPPrefixDelegation = true;
|
||||
};
|
||||
};
|
||||
|
||||
/*
|
||||
WAN configuration requires DHCP to get addresses
|
||||
we also disable some options to be certain we retain as much networking
|
||||
control as we reasonably can, such as not letting the ISP determine our
|
||||
hostname or DNS configuration
|
||||
TODO: IPv6 (prefix delegation)
|
||||
*/
|
||||
"40-${interfaces.wan.name}" = {
|
||||
matchConfig.Name = "${interfaces.wan.name}";
|
||||
networkConfig = {
|
||||
Description = "WAN network - connection to fiber ISP jack";
|
||||
DHCP = true;
|
||||
/*
|
||||
IPv6AcceptRA = true;
|
||||
IPv6PrivacyExtensions = true;
|
||||
IPForward = true;
|
||||
*/
|
||||
};
|
||||
dhcpV6Config = {
|
||||
/*
|
||||
ForceDHCPv6PDOtherInformation = true;
|
||||
UseHostname = false;
|
||||
UseDNS = false;
|
||||
UseNTP = false;
|
||||
*/
|
||||
PrefixDelegationHint = "::/56";
|
||||
};
|
||||
dhcpV4Config = {
|
||||
Hostname = hostname;
|
||||
UseHostname = false;
|
||||
UseDNS = false;
|
||||
UseNTP = false;
|
||||
UseSIP = false;
|
||||
UseRoutes = false;
|
||||
UseGateway = true;
|
||||
};
|
||||
linkConfig = {
|
||||
RequiredForOnline = "routable";
|
||||
# Name = interfaces.wan.name;
|
||||
};
|
||||
ipv6AcceptRAConfig = {
|
||||
DHCPv6Client = "always";
|
||||
UseDNS = false;
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
services.resolved.enable = false;
|
||||
|
||||
/*
|
||||
dnsmasq serves as our DHCP and DNS server
|
||||
almost all the configuration should be derived from the values at the top of
|
||||
this file
|
||||
*/
|
||||
services.dnsmasq = {
|
||||
enable = true;
|
||||
settings = {
|
||||
listen-address = "::,127.0.0.1,${ip}";
|
||||
port = 53;
|
||||
|
||||
/*
|
||||
dhcp-authoritative = true;
|
||||
dnssec = true;
|
||||
*/
|
||||
enable-ra = true;
|
||||
|
||||
server = ["1.1.1.1" "9.9.9.9" "8.8.8.8"];
|
||||
|
||||
domain-needed = true;
|
||||
bogus-priv = true;
|
||||
no-resolv = true;
|
||||
|
||||
cache-size = "10000";
|
||||
|
||||
dhcp-range = with dhcp_lease_space; [
|
||||
"${interfaces.lan.name},${min},${max},${netmask},24h"
|
||||
"::,constructor:${interfaces.lan.name},ra-stateless,ra-names,4h"
|
||||
];
|
||||
except-interface = interfaces.wan.name;
|
||||
interface = interfaces.lan.name;
|
||||
dhcp-host =
|
||||
[
|
||||
]
|
||||
++ (lib.attrsets.mapAttrsToList (name: {
|
||||
ip,
|
||||
identifier ? name,
|
||||
time ? "12h",
|
||||
...
|
||||
}: "${name},${ip},${identifier},${time}")
|
||||
hosts);
|
||||
|
||||
address =
|
||||
[
|
||||
"/${hostname}.${domain}/${ip}"
|
||||
]
|
||||
++ (lib.lists.flatten (lib.attrsets.mapAttrsToList (name: {
|
||||
ip,
|
||||
additionalHosts ? [],
|
||||
identifier ? name,
|
||||
time ? "12h",
|
||||
}: [
|
||||
"/${name}.${domain}/${ip}"
|
||||
(lib.lists.forEach additionalHosts (h: "/${h}/${ip}"))
|
||||
])
|
||||
hosts));
|
||||
|
||||
# local domains
|
||||
local = "/lan/";
|
||||
domain = "lan";
|
||||
expand-hosts = true;
|
||||
|
||||
# don't use /etc/hosts as this would advertise surfer as localhost
|
||||
no-hosts = true;
|
||||
};
|
||||
};
|
||||
|
||||
/*
|
||||
since the home network reserves port 22 for ssh to the big server and to
|
||||
gitea, the router uses port 2201 for ssh
|
||||
*/
|
||||
services.openssh.listenAddresses = [
|
||||
{
|
||||
addr = "0.0.0.0";
|
||||
port = 2201;
|
||||
}
|
||||
{
|
||||
addr = "0.0.0.0";
|
||||
port = 22;
|
||||
}
|
||||
{
|
||||
addr = "[::]";
|
||||
port = 2201;
|
||||
}
|
||||
{
|
||||
addr = "[::]";
|
||||
port = 22;
|
||||
}
|
||||
];
|
||||
|
||||
services.fail2ban.enable = true;
|
||||
|
||||
system.stateVersion = "24.05";
|
||||
|
||||
/*
|
||||
NOTE: everything from here on is deprecated or old stuff
|
||||
|
||||
TODO: may not be strictly necessary for IPv6?
|
||||
TODO: also may not even be the best implementation?
|
||||
services.radvd = {
|
||||
enable = false;
|
||||
## NOTE: this config is just the default arch linux config I think and may
|
||||
## need tweaking? this is what I had on the arch linux router, though :shrug:
|
||||
config = ''
|
||||
interface lo
|
||||
{
|
||||
AdvSendAdvert on;
|
||||
MinRtrAdvInterval 3;
|
||||
MaxRtrAdvInterval 10;
|
||||
AdvDefaultPreference low;
|
||||
AdvHomeAgentFlag off;
|
||||
|
||||
prefix 2001:db8:1:0::/64
|
||||
{
|
||||
AdvOnLink on;
|
||||
AdvAutonomous on;
|
||||
AdvRouterAddr off;
|
||||
};
|
||||
|
||||
prefix 0:0:0:1234::/64
|
||||
{
|
||||
AdvOnLink on;
|
||||
AdvAutonomous on;
|
||||
AdvRouterAddr off;
|
||||
Base6to4Interface ppp0;
|
||||
AdvPreferredLifetime 120;
|
||||
AdvValidLifetime 300;
|
||||
};
|
||||
|
||||
route 2001:db0:fff::/48
|
||||
{
|
||||
AdvRoutePreference high;
|
||||
AdvRouteLifetime 3600;
|
||||
};
|
||||
|
||||
RDNSS 2001:db8::1 2001:db8::2
|
||||
{
|
||||
AdvRDNSSLifetime 30;
|
||||
};
|
||||
|
||||
DNSSL branch.example.com example.com
|
||||
{
|
||||
AdvDNSSLLifetime 30;
|
||||
};
|
||||
};
|
||||
'';
|
||||
};
|
||||
|
||||
TODO: old config, should be deleted ASAP
|
||||
services.dnsmasq = {
|
||||
enable = false;
|
||||
settings = {
|
||||
# server endpoints
|
||||
listen-address = "::1,127.0.0.1,${ip}";
|
||||
port = "53";
|
||||
|
||||
# DNS cache entries
|
||||
cache-size = "10000";
|
||||
|
||||
# local domain entries
|
||||
local = "/lan/";
|
||||
domain = "lan";
|
||||
expand-hosts = true;
|
||||
|
||||
dhcp-authoritative = true;
|
||||
|
||||
conf-file = "/usr/share/dnsmasq/trust-anchors.conf";
|
||||
dnssec = true;
|
||||
|
||||
except-interface = "${wan_if}";
|
||||
interface = "${lan_if}";
|
||||
|
||||
enable-ra = true;
|
||||
|
||||
# dhcp-option = "121,${cidr},${ip}";
|
||||
|
||||
dhcp-range = [
|
||||
"lan,${dhcp_lease_space.min},${dhcp_lease_space.max},${netmask},10m"
|
||||
"tag:${lan_if},::1,constructor:${lan_if},ra-names,12h"
|
||||
];
|
||||
|
||||
dhcp-host = [
|
||||
"${hosts.dragon.host},${hosts.dragon.ip},12h"
|
||||
"${hosts.beefcake.host},${hosts.beefcake.ip},12h"
|
||||
];
|
||||
|
||||
# may need to go in /etc/hosts (networking.extraHosts), too?
|
||||
address = [
|
||||
"/video.lyte.dev/192.168.0.9"
|
||||
"/git.lyte.dev/192.168.0.9"
|
||||
"/bw.lyte.dev/192.168.0.9"
|
||||
"/files.lyte.dev/192.168.0.9"
|
||||
"/vpn.h.lyte.dev/192.168.0.9"
|
||||
"/.h.lyte.dev/192.168.0.9"
|
||||
];
|
||||
|
||||
server = [
|
||||
"${ip}"
|
||||
"8.8.8.8"
|
||||
"8.8.4.4"
|
||||
"1.1.1.1"
|
||||
"1.0.0.1"
|
||||
];
|
||||
};
|
||||
};
|
||||
|
||||
TODO: old config, should be deleted ASAP
|
||||
nftables = {
|
||||
enable = false;
|
||||
flushRuleset = true;
|
||||
|
||||
tables = {
|
||||
filter = {
|
||||
family = "inet";
|
||||
content = ''
|
||||
chain input {
|
||||
# type filter hook input priority filter; policy accept;
|
||||
type filter hook input priority 0;
|
||||
|
||||
# anything from loopback interface
|
||||
iifname "lo" accept
|
||||
|
||||
# accept traffic we originated
|
||||
ct state { established, related } counter accept
|
||||
ct state invalid counter drop
|
||||
|
||||
# ICMP
|
||||
ip6 nexthdr icmpv6 icmpv6 type { echo-request, nd-neighbor-solicit, nd-neighbor-advert, nd-router-solicit, nd-router-advert, mld-listener-query, destination-unreachable, packet-too-big, time-exceeded, parameter-problem } counter accept
|
||||
ip protocol icmp icmp type { echo-request, destination-unreachable, router-advertisement, time-exceeded, parameter-problem } counter accept
|
||||
ip protocol icmpv6 counter accept
|
||||
ip protocol icmp counter accept
|
||||
meta l4proto ipv6-icmp counter accept
|
||||
udp dport dhcpv6-client counter accept
|
||||
|
||||
tcp dport { 64022, 22, 53, 67, 25565 } counter accept
|
||||
udp dport { 64020, 22, 53, 67 } counter accept
|
||||
|
||||
## iifname "iot" ip saddr $iot-ip tcp dport { llmnr } counter accept
|
||||
## iifname "iot" ip saddr $iot-ip udp dport { mdns, llmnr } counter accept
|
||||
iifname "${lan_if}" tcp dport { llmnr } counter accept
|
||||
iifname "${lan_if}" udp dport { mdns, llmnr } counter accept
|
||||
|
||||
counter drop
|
||||
}
|
||||
|
||||
# allow all outgoing
|
||||
chain output {
|
||||
type filter hook output priority 0;
|
||||
accept
|
||||
}
|
||||
|
||||
chain forward {
|
||||
type filter hook forward priority 0;
|
||||
accept
|
||||
}
|
||||
'';
|
||||
};
|
||||
|
||||
nat = {
|
||||
family = "ip";
|
||||
content = ''
|
||||
set masq_saddr {
|
||||
type ipv4_addr
|
||||
flags interval
|
||||
elements = { ${cidr} }
|
||||
}
|
||||
|
||||
map map_port_ipport {
|
||||
type inet_proto . inet_service : ipv4_addr . inet_service
|
||||
}
|
||||
|
||||
chain prerouting {
|
||||
iifname ${lan_if} accept
|
||||
|
||||
type nat hook prerouting priority dstnat + 1; policy accept;
|
||||
fib daddr type local dnat ip addr . port to meta l4proto . th dport map @map_port_ipport
|
||||
|
||||
iifname ${wan_if} tcp dport { 22, 80, 443, 25565, 64022 } dnat to ${hosts.beefcake.ip}
|
||||
iifname ${wan_if} udp dport { 64020 } dnat to ${hosts.beefcake.ip}
|
||||
|
||||
## iifname ${wan_if} tcp dport { 25565 } dnat to 192.168.0.244
|
||||
## iifname ${wan_if} udp dport { 25565 } dnat to 192.168.0.244
|
||||
|
||||
## router
|
||||
iifname ${wan_if} tcp dport { 2201 } dnat to ${ip}
|
||||
}
|
||||
|
||||
chain output {
|
||||
type nat hook output priority -99; policy accept;
|
||||
ip daddr != 127.0.0.0/8 oif "lo" dnat ip addr . port to meta l4proto . th dport map @map_port_ipport
|
||||
}
|
||||
|
||||
chain postrouting {
|
||||
type nat hook postrouting priority srcnat + 1; policy accept;
|
||||
oifname ${lan_if} masquerade
|
||||
ip saddr @masq_saddr masquerade
|
||||
}
|
||||
'';
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
TODO: also want to try to avoid using dhcpcd for IPv6 since systemd-networkd
|
||||
should be sufficient?
|
||||
dhcpcd = {
|
||||
enable = false;
|
||||
extraConfig = ''
|
||||
duid
|
||||
|
||||
## No way.... https://github.com/NetworkConfiguration/dhcpcd/issues/36#issuecomment-954777644
|
||||
## issues caused by guests with oneplus devices
|
||||
noarp
|
||||
|
||||
persistent
|
||||
vendorclassid
|
||||
|
||||
option domain_name_servers, domain_name, domain_search
|
||||
option classless_static_routes
|
||||
option interface_mtu
|
||||
option host_name
|
||||
#option ntp_servers
|
||||
|
||||
require dhcp_server_identifier
|
||||
slaac private
|
||||
noipv4ll
|
||||
noipv6rs
|
||||
|
||||
static domain_name_servers=${ip}
|
||||
|
||||
interface ${wan_if}
|
||||
gateway
|
||||
ipv6rs
|
||||
iaid 1
|
||||
## option rapid_commit
|
||||
## ia_na 1
|
||||
ia_pd 1 ${lan_if}
|
||||
|
||||
interface ${lan_if}
|
||||
static ip_address=${cidr}
|
||||
static routers=${ip}
|
||||
static domain_name_servers=${ip}
|
||||
'';
|
||||
};
|
||||
*/
|
||||
}
|
|
@ -1,362 +0,0 @@
|
|||
{
|
||||
flake,
|
||||
inputs,
|
||||
lib,
|
||||
# outputs,
|
||||
# config,
|
||||
# pkgs,
|
||||
...
|
||||
}: let
|
||||
# NOTE: I could turn this into a cool NixOS module?
|
||||
# TODO: review https://francis.begyn.be/blog/nixos-home-router
|
||||
ip = "192.168.0.1";
|
||||
cidr = "${ip}/16";
|
||||
netmask = "255.255.0.0";
|
||||
lease = {
|
||||
min = "192.168.0.5";
|
||||
max = "192.168.0.250";
|
||||
};
|
||||
wan_if = "wan0";
|
||||
lan_if = "lan0";
|
||||
hosts = {
|
||||
dragon = {
|
||||
identifier = "dragon";
|
||||
host = "dragon";
|
||||
ip = "192.168.0.10";
|
||||
};
|
||||
beefcake = {
|
||||
identifier = "beefcake";
|
||||
host = "beefcake";
|
||||
ip = "192.168.0.9";
|
||||
};
|
||||
};
|
||||
in {
|
||||
networking.hostName = "router";
|
||||
networking.domain = "h.lyte.dev";
|
||||
networking.useDHCP = false;
|
||||
|
||||
imports = [
|
||||
inputs.disko.nixosModules.disko
|
||||
flake.diskoConfigurations.unencrypted
|
||||
];
|
||||
|
||||
# TODO: perform a hardware scan
|
||||
|
||||
boot = {
|
||||
loader = {
|
||||
efi.canTouchEfiVariables = true;
|
||||
systemd-boot.enable = true;
|
||||
};
|
||||
kernel = {
|
||||
sysctl = {
|
||||
"net.ipv4.conf.all.forwarding" = true;
|
||||
"net.ipv6.conf.all.forwarding" = true;
|
||||
|
||||
"net.ipv6.conf.all.accept_ra" = 0;
|
||||
"net.ipv6.conf.all.autoconf" = 0;
|
||||
"net.ipv6.conf.all.use_tempaddr" = 0;
|
||||
|
||||
"net.ipv6.conf.wan0.accept_ra" = 2;
|
||||
# "net.ipv6.conf.wan0.autoconf" = 1;
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
powerManagement.cpuFreqGovernor = lib.mkDefault "ondemand";
|
||||
|
||||
services.fail2ban.enable = true;
|
||||
services.radvd = {
|
||||
enable = true;
|
||||
# NOTE: this config is just the default arch linux config I think and may
|
||||
# need tweaking? this is what I had on the arch linux router, though :shrug:
|
||||
config = ''
|
||||
interface lo
|
||||
{
|
||||
AdvSendAdvert on;
|
||||
MinRtrAdvInterval 3;
|
||||
MaxRtrAdvInterval 10;
|
||||
AdvDefaultPreference low;
|
||||
AdvHomeAgentFlag off;
|
||||
|
||||
prefix 2001:db8:1:0::/64
|
||||
{
|
||||
AdvOnLink on;
|
||||
AdvAutonomous on;
|
||||
AdvRouterAddr off;
|
||||
};
|
||||
|
||||
prefix 0:0:0:1234::/64
|
||||
{
|
||||
AdvOnLink on;
|
||||
AdvAutonomous on;
|
||||
AdvRouterAddr off;
|
||||
Base6to4Interface ppp0;
|
||||
AdvPreferredLifetime 120;
|
||||
AdvValidLifetime 300;
|
||||
};
|
||||
|
||||
route 2001:db0:fff::/48
|
||||
{
|
||||
AdvRoutePreference high;
|
||||
AdvRouteLifetime 3600;
|
||||
};
|
||||
|
||||
RDNSS 2001:db8::1 2001:db8::2
|
||||
{
|
||||
AdvRDNSSLifetime 30;
|
||||
};
|
||||
|
||||
DNSSL branch.example.com example.com
|
||||
{
|
||||
AdvDNSSLLifetime 30;
|
||||
};
|
||||
};
|
||||
'';
|
||||
};
|
||||
|
||||
services.resolved = {
|
||||
enable = true;
|
||||
extraConfig = ''
|
||||
[Resolve]
|
||||
DNSStubListener=no
|
||||
'';
|
||||
};
|
||||
|
||||
services.dnsmasq = {
|
||||
enable = true;
|
||||
settings = {
|
||||
# server endpoints
|
||||
listen-address = "::1,127.0.0.1,${ip}";
|
||||
port = "53";
|
||||
|
||||
# DNS cache entries
|
||||
cache-size = "10000";
|
||||
|
||||
# local domain entries
|
||||
local = "/lan/";
|
||||
domain = "lan";
|
||||
expand-hosts = true;
|
||||
|
||||
dhcp-authoritative = true;
|
||||
|
||||
conf-file = "/usr/share/dnsmasq/trust-anchors.conf";
|
||||
dnssec = true;
|
||||
|
||||
except-interface = "${wan_if}";
|
||||
interface = "${lan_if}";
|
||||
|
||||
enable-ra = true;
|
||||
|
||||
# dhcp-option = "121,${cidr},${ip}";
|
||||
|
||||
dhcp-range = [
|
||||
"lan,${lease.min},${lease.max},${netmask},10m"
|
||||
"tag:${lan_if},::1,constructor:${lan_if},ra-names,12h"
|
||||
];
|
||||
|
||||
dhcp-host = [
|
||||
"${hosts.dragon.host},${hosts.dragon.ip},12h"
|
||||
"${hosts.beefcake.host},${hosts.beefcake.ip},12h"
|
||||
];
|
||||
|
||||
# may need to go in /etc/hosts (networking.extraHosts), too?
|
||||
address = [
|
||||
"/video.lyte.dev/192.168.0.9"
|
||||
"/git.lyte.dev/192.168.0.9"
|
||||
"/bw.lyte.dev/192.168.0.9"
|
||||
"/files.lyte.dev/192.168.0.9"
|
||||
"/vpn.h.lyte.dev/192.168.0.9"
|
||||
"/.h.lyte.dev/192.168.0.9"
|
||||
];
|
||||
|
||||
server = [
|
||||
"${ip}"
|
||||
"8.8.8.8"
|
||||
"8.8.4.4"
|
||||
"1.1.1.1"
|
||||
"1.0.0.1"
|
||||
];
|
||||
};
|
||||
};
|
||||
|
||||
networking.extraHosts = ''
|
||||
127.0.0.1 localhost
|
||||
127.0.1.1 router.h.lyte.dev router
|
||||
|
||||
::1 localhost ip6-localhost ip6-loopback
|
||||
ff02::1 ip6-allnodes
|
||||
ff02::2 ip6-allrouters
|
||||
|
||||
'';
|
||||
|
||||
networking.nat.enable = true; # TODO: maybe replace some of the nftables stuff with this?
|
||||
networking.firewall.enable = false;
|
||||
networking.nftables = {
|
||||
enable = true;
|
||||
flushRuleset = true;
|
||||
|
||||
tables = {
|
||||
filter = {
|
||||
family = "inet";
|
||||
content = ''
|
||||
chain input {
|
||||
# type filter hook input priority filter; policy accept;
|
||||
type filter hook input priority 0;
|
||||
|
||||
# anything from loopback interface
|
||||
iifname "lo" accept
|
||||
|
||||
# accept traffic we originated
|
||||
ct state { established, related } counter accept
|
||||
ct state invalid counter drop
|
||||
|
||||
# ICMP
|
||||
ip6 nexthdr icmpv6 icmpv6 type { echo-request, nd-neighbor-solicit, nd-neighbor-advert, nd-router-solicit, nd-router-advert, mld-listener-query, destination-unreachable, packet-too-big, time-exceeded, parameter-problem } counter accept
|
||||
ip protocol icmp icmp type { echo-request, destination-unreachable, router-advertisement, time-exceeded, parameter-problem } counter accept
|
||||
ip protocol icmpv6 counter accept
|
||||
ip protocol icmp counter accept
|
||||
meta l4proto ipv6-icmp counter accept
|
||||
|
||||
udp dport dhcpv6-client counter accept
|
||||
|
||||
tcp dport { 64022, 22, 53, 67, 25565 } counter accept
|
||||
udp dport { 64020, 22, 53, 67 } counter accept
|
||||
|
||||
# iifname "iot" ip saddr $iot-ip tcp dport { llmnr } counter accept
|
||||
# iifname "iot" ip saddr $iot-ip udp dport { mdns, llmnr } counter accept
|
||||
iifname "${lan_if}" tcp dport { llmnr } counter accept
|
||||
iifname "${lan_if}" udp dport { mdns, llmnr } counter accept
|
||||
|
||||
counter drop
|
||||
}
|
||||
|
||||
# allow all outgoing
|
||||
chain output {
|
||||
type filter hook output priority 0;
|
||||
accept
|
||||
}
|
||||
|
||||
chain forward {
|
||||
type filter hook forward priority 0;
|
||||
accept
|
||||
}
|
||||
'';
|
||||
};
|
||||
|
||||
nat = {
|
||||
family = "ip";
|
||||
content = ''
|
||||
set masq_saddr {
|
||||
type ipv4_addr
|
||||
flags interval
|
||||
elements = { ${cidr} }
|
||||
}
|
||||
|
||||
map map_port_ipport {
|
||||
type inet_proto . inet_service : ipv4_addr . inet_service
|
||||
}
|
||||
|
||||
chain prerouting {
|
||||
iifname ${lan_if} accept
|
||||
|
||||
type nat hook prerouting priority dstnat + 1; policy accept;
|
||||
fib daddr type local dnat ip addr . port to meta l4proto . th dport map @map_port_ipport
|
||||
|
||||
iifname ${wan_if} tcp dport { 22, 80, 443, 25565, 64022 } dnat to ${hosts.beefcake.ip}
|
||||
iifname ${wan_if} udp dport { 64020 } dnat to ${hosts.beefcake.ip}
|
||||
|
||||
# iifname ${wan_if} tcp dport { 25565 } dnat to 192.168.0.244
|
||||
# iifname ${wan_if} udp dport { 25565 } dnat to 192.168.0.244
|
||||
|
||||
# router
|
||||
iifname ${wan_if} tcp dport { 2201 } dnat to ${ip}
|
||||
}
|
||||
|
||||
chain output {
|
||||
type nat hook output priority -99; policy accept;
|
||||
ip daddr != 127.0.0.0/8 oif "lo" dnat ip addr . port to meta l4proto . th dport map @map_port_ipport
|
||||
}
|
||||
|
||||
chain postrouting {
|
||||
type nat hook postrouting priority srcnat + 1; policy accept;
|
||||
oifname ${lan_if} masquerade
|
||||
ip saddr @masq_saddr masquerade
|
||||
}
|
||||
'';
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
networking.dhcpcd = {
|
||||
enable = true;
|
||||
extraConfig = ''
|
||||
duid
|
||||
|
||||
# No way.... https://github.com/NetworkConfiguration/dhcpcd/issues/36#issuecomment-954777644
|
||||
# issues caused by guests with oneplus devices
|
||||
noarp
|
||||
persistent
|
||||
vendorclassid
|
||||
|
||||
option domain_name_servers, domain_name, domain_search
|
||||
option classless_static_routes
|
||||
option interface_mtu
|
||||
option host_name
|
||||
#option ntp_servers
|
||||
|
||||
require dhcp_server_identifier
|
||||
slaac private
|
||||
noipv4ll
|
||||
noipv6rs
|
||||
|
||||
static domain_name_servers=${ip}
|
||||
|
||||
interface ${wan_if}
|
||||
gateway
|
||||
ipv6rs
|
||||
iaid 1
|
||||
# option rapid_commit
|
||||
# ia_na 1
|
||||
ia_pd 1 ${lan_if}
|
||||
|
||||
interface ${lan_if}
|
||||
static ip_address=${cidr}
|
||||
static routers=${ip}
|
||||
static domain_name_servers=${ip}
|
||||
'';
|
||||
};
|
||||
|
||||
systemd.network = {
|
||||
enable = true;
|
||||
links = {
|
||||
"${wan_if}" = {
|
||||
enable = true;
|
||||
matchConfig = {
|
||||
MACAddress = "00:01:2e:82:73:59";
|
||||
};
|
||||
linkConfig = {
|
||||
Name = wan_if;
|
||||
};
|
||||
};
|
||||
"${lan_if}" = {
|
||||
enable = true;
|
||||
matchConfig = {
|
||||
MACAddress = "00:01:2e:82:73:5a";
|
||||
};
|
||||
linkConfig = {
|
||||
Name = lan_if;
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
services.avahi = {
|
||||
enable = true;
|
||||
reflector = true;
|
||||
allowInterfaces = [
|
||||
lan_if
|
||||
];
|
||||
};
|
||||
|
||||
system.stateVersion = "23.11";
|
||||
}
|
92
nixos/thablet.nix
Normal file
92
nixos/thablet.nix
Normal file
|
@ -0,0 +1,92 @@
|
|||
{
|
||||
pkgs,
|
||||
lib,
|
||||
config,
|
||||
...
|
||||
}: {
|
||||
networking.hostName = "thablet";
|
||||
|
||||
boot.loader.systemd-boot.enable = true;
|
||||
|
||||
services.fprintd = {
|
||||
# TODO: am I missing a driver? see arch wiki for this h/w
|
||||
enable = false;
|
||||
# tod.enable = true;
|
||||
# tod.driver = pkgs.libfprint-2-tod1-goodix;
|
||||
};
|
||||
|
||||
environment.systemPackages =
|
||||
#with pkgs;
|
||||
[];
|
||||
|
||||
# https://wiki.archlinux.org/title/Lenovo_ThinkPad_X1_Yoga_(Gen_3)#Using_acpi_call
|
||||
systemd.services.activate-touch-hack = {
|
||||
enable = true;
|
||||
description = "Touch wake Thinkpad X1 Yoga 3rd gen hack";
|
||||
|
||||
unitConfig = {
|
||||
After = ["suspend.target" "hibernate.target" "hybrid-sleep.target" "suspend-then-hibernate.target"];
|
||||
};
|
||||
|
||||
serviceConfig = {
|
||||
ExecStart = ''
|
||||
/bin/sh -c "echo '\\_SB.PCI0.LPCB.EC._Q2A' > /proc/acpi/call"
|
||||
'';
|
||||
};
|
||||
|
||||
wantedBy = ["suspend.target" "hibernate.target" "hybrid-sleep.target" "suspend-then-hibernate.target"];
|
||||
};
|
||||
|
||||
boot.initrd.availableKernelModules = ["xhci_pci" "nvme" "usb_storage" "sd_mod"];
|
||||
boot.initrd.kernelModules = [];
|
||||
boot.kernelModules = ["kvm-intel" "acpi_call"];
|
||||
boot.extraModulePackages = with config.boot.kernelPackages; [acpi_call];
|
||||
|
||||
hardware = {
|
||||
cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
|
||||
graphics = {
|
||||
enable = true;
|
||||
enable32Bit = true;
|
||||
extraPackages = with pkgs; [
|
||||
intel-media-driver
|
||||
intel-ocl
|
||||
intel-vaapi-driver
|
||||
];
|
||||
};
|
||||
};
|
||||
|
||||
hardware.bluetooth = {
|
||||
enable = true;
|
||||
powerOnBoot = false;
|
||||
};
|
||||
|
||||
services.power-profiles-daemon = {
|
||||
enable = true;
|
||||
};
|
||||
|
||||
networking = {
|
||||
firewall = let
|
||||
terraria = 7777;
|
||||
stardew-valley = 24642;
|
||||
in {
|
||||
allowedTCPPorts = [terraria stardew-valley];
|
||||
allowedUDPPorts = [terraria stardew-valley];
|
||||
};
|
||||
};
|
||||
|
||||
home-manager.users.daniel = {
|
||||
wayland.windowManager.sway = {
|
||||
config = {
|
||||
output = {
|
||||
"AU Optronics 0x2236 Unknown" = {
|
||||
mode = "2560x1440@60Hz";
|
||||
position = "0,0";
|
||||
scale = toString 1.25;
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
system.stateVersion = "24.05";
|
||||
}
|
|
@ -1,79 +0,0 @@
|
|||
{
|
||||
flake,
|
||||
inputs,
|
||||
outputs,
|
||||
lib,
|
||||
config,
|
||||
modulesPath,
|
||||
...
|
||||
}: {
|
||||
imports =
|
||||
[
|
||||
(modulesPath + "/installer/scan/not-detected.nix")
|
||||
inputs.disko.nixosModules.disko
|
||||
flake.diskoConfigurations.standard
|
||||
inputs.hardware.nixosModules.lenovo-thinkpad-x1-yoga
|
||||
]
|
||||
++ (with outputs.nixosModules; [
|
||||
desktop-usage
|
||||
gnome
|
||||
wifi
|
||||
]);
|
||||
|
||||
nixpkgs = {
|
||||
overlays = [
|
||||
outputs.overlays.additions
|
||||
outputs.overlays.modifications
|
||||
outputs.overlays.unstable-packages
|
||||
];
|
||||
config = {
|
||||
allowUnfree = true;
|
||||
};
|
||||
};
|
||||
|
||||
nix = {
|
||||
registry = lib.mapAttrs (_: value: {flake = value;}) inputs;
|
||||
nixPath = lib.mapAttrsToList (key: value: "${key}=${value.to.path}") config.nix.registry;
|
||||
|
||||
settings = {
|
||||
experimental-features = "nix-command flakes";
|
||||
auto-optimise-store = true;
|
||||
};
|
||||
};
|
||||
|
||||
# not necessarily "base", but all my machines are UEFI so...
|
||||
boot.loader.systemd-boot.enable = true;
|
||||
|
||||
services.fprintd = {
|
||||
enable = true;
|
||||
# tod.enable = true;
|
||||
# tod.driver = pkgs.libfprint-2-tod1-goodix;
|
||||
};
|
||||
|
||||
environment.systemPackages =
|
||||
#with pkgs;
|
||||
[];
|
||||
|
||||
programs.steam.enable = true;
|
||||
programs.steam.remotePlay.openFirewall = true;
|
||||
|
||||
networking = {
|
||||
firewall = {
|
||||
enable = true;
|
||||
allowPing = true;
|
||||
allowedTCPPorts = [22];
|
||||
allowedUDPPorts = [];
|
||||
};
|
||||
};
|
||||
|
||||
boot.initrd.availableKernelModules = ["xhci_pci" "nvme" "usb_storage" "sd_mod"];
|
||||
boot.initrd.kernelModules = [];
|
||||
boot.kernelModules = ["kvm-intel"];
|
||||
boot.extraModulePackages = [];
|
||||
|
||||
networking.useDHCP = lib.mkDefault true;
|
||||
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
|
||||
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
|
||||
|
||||
system.stateVersion = "23.11";
|
||||
}
|
20
nixos/thinker.nix
Normal file
20
nixos/thinker.nix
Normal file
|
@ -0,0 +1,20 @@
|
|||
{...}: {
|
||||
networking.hostName = "thinker";
|
||||
|
||||
boot = {
|
||||
loader = {
|
||||
efi.canTouchEfiVariables = true;
|
||||
systemd-boot.enable = true;
|
||||
};
|
||||
/*
|
||||
sudo filefrag -v /swap/swapfile | awk '$1=="0:" {print substr($4, 1, length($4)-2)}'
|
||||
the above won't work for btrfs, instead you need
|
||||
btrfs inspect-internal map-swapfile -r /swap/swapfile
|
||||
https://wiki.archlinux.org/title/Power_management/Suspend_and_hibernate#Hibernation_into_swap_file
|
||||
*/
|
||||
kernelParams = ["boot.shell_on_fail"];
|
||||
initrd.availableKernelModules = ["xhci_pci" "nvme" "ahci"];
|
||||
};
|
||||
|
||||
hardware.bluetooth.enable = true;
|
||||
}
|
Some files were not shown because too many files have changed in this diff Show more
Loading…
Reference in a new issue