palo/nixos-config
palo/nixos-config
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions1

moved all to subfolder nixos

Browse source
This commit is contained in:
Ingolf Wagner 2021-09-25 20:28:25 +02:00
commit 15c6866362
No known key found for this signature in database
GPG key ID: 76BF5F1928B9618B
263 changed files with 638 additions and 762 deletions

79
nixos/system/all/borg-jobs.nix Normal file
View file

@ -0,0 +1,79 @@
{ config, lib, ... }: {
options = {
backup.dirs = lib.mkOption {
default = [ ];
type = with lib.types; listOf str;
description = ''
folders to backup
'';
};
backup.exclude = lib.mkOption {
default = [ ];
type = with lib.types; listOf str;
description = ''
exclude files and folders matching a pattern.
Theses patterns effect all folders in `backup.dirs`.
see man borg pattern for more information
'';
example = [ ".git" "/home/*/.cache" ".stfolder" ];
};
};
config = let
servers = [
{
name = "workhorse";
host = "workhorse.private";
}
{
name = "pepe";
host = "pepe.private";
}
];
dirs = config.backup.dirs;
myHostname = config.networking.hostName;
setup = server: {
paths = config.backup.dirs;
exclude = config.backup.exclude;
doInit = true;
repo = "borg@${server}:./${myHostname}";
encryption = {
mode = "repokey-blake2";
# todo rename
# passCommand = "cat ${toString <secrets/backup/repo>}";
passCommand =
"cat ${config.sops.secrets.backup_repository_passphrase.path}";
};
environment.BORG_RSH =
"ssh -i ${toString config.sops.secrets.backup_ssh_rsa_private.path}";
compression = "auto,lzma";
startAt = "daily";
prune.keep = {
within = "10d"; # Keep all backups in the last 10 days.
weekly = 8; # Keep 8 additional end of week archives.
monthly = -1; # Keep end of month archive for every month
};
};
in {
sops.secrets.backup_repository_passphrase = { };
sops.secrets.backup_ssh_rsa_private = { };
services.borgbackup.jobs = let
setups = map ({ name, host }: { "${name}" = setup host; }) servers;
setupAttrs = lib.zipAttrsWith (_: vals: lib.head vals) setups;
nonEmptySetups =
lib.filterAttrs (_: { paths, ... }: builtins.length paths != 0)
setupAttrs;
in nonEmptySetups;
};
}

20
nixos/system/all/borg-scripts.nix Normal file
View file

@ -0,0 +1,20 @@
{ pkgs, lib, ... }: {
environment.systemPackages = let
createScript = command: host: repository:
pkgs.writers.writeBashBin
"borg-${command}-on-${host}-for-${repository}" ''
${pkgs.borgbackup}/bin/borg \
${command} \
--rsh='ssh -i ~/.ssh/card_rsa.pub' borg@${host}.private:${repository}/. \
"$@"
'';
hosts = [ "workhorse" "pepe" ];
repositories = [ "workhorse" "pepe" "sterni" "workout" ];
commands = [ "list" ];
in lib.flatten (map (command:
map
(host: map (repository: createScript command host repository) repositories)
hosts) commands);
}

87
nixos/system/all/default.nix Normal file
View file

@ -0,0 +1,87 @@
{ lib, config, pkgs, ... }: {
imports = [
../../modules
# needed
#<home-manager/nixos>
# cross-compiling
#<cleverca22/qemu.nix>
./grub.nix
./networking-qos.nix
./nginx-landingpage.nix
./nginx.nix
./packages.nix
./borg-jobs.nix
./borg-scripts.nix
./sshd-known-hosts-bootup.nix
./sshd-known-hosts-private.nix
./sshd-known-hosts-public.nix
./sshd.nix
./syncthing.nix
./tinc.nix
./on-failure.nix
./hosts.nix
];
# default backup excludes
backup.exclude = [ ".git" ".stfolder" ".stversions" ];
# provide overlays
# -----------------
nixpkgs.overlays = [ (import ../../pkgs) ];
# allow un-free
# -------------
nixpkgs.config.allowUnfree = true;
environment.variables.NIXPKGS_ALLOW_UNFREE = "1";
# some system stuff
# -----------------
time.timeZone = lib.mkDefault "Europe/Berlin";
#time.timeZone = lib.mkDefault "Pacific/Auckland";
#time.timeZone = lib.mkDefault "Asia/Singapore";
#time.timeZone = lib.mkDefault "Asia/Makassar";
# keyboard fiddling
i18n.defaultLocale = lib.mkDefault "en_US.UTF-8";
console.font = "Lat2-Terminus16";
console.keyMap = lib.mkDefault "us";
services.xserver.layout = lib.mkDefault "us";
# swappiness
# ----------
# 0 = only when running out of RAM
# 100 = always swapp
boot.kernel.sysctl."vm.swappiness" = 0;
# rewire NIX_PATH
# ---------------
environment.variables.NIX_PATH = lib.mkForce "/var/src";
# Shell configuration
# -------------------
programs.custom = {
bash.enable = true;
zsh.enable = true;
};
# Machines should be fast by default
# ----------------------------------
powerManagement.cpuFreqGovernor = lib.mkDefault "ondemand";
# set vim to the default editor
# -----------------------------
programs.vim.defaultEditor = true;
# This value determines the NixOS release with which your system is to be
# compatible, in order to avoid breaking some software such as database
# servers. You should change this only after NixOS release notes say you
# should.
system.stateVersion = "19.03"; # Did you read the comment?
}

21
nixos/system/all/grub.nix Normal file
View file

@ -0,0 +1,21 @@
{ pkgs, lib, config, ... }:
let
falloutGrubTheme = pkgs.fetchgit {
url = "https://github.com/shvchk/fallout-grub-theme.git";
rev = "fe27cbc99e994d50bb4269a9388e3f7d60492ffa";
sha256 = "1z8zc4k2mh8d56ipql8vfljvdjczrrna5ckgzjsdyrndfkwv8ghw";
};
in {
boot.loader.grub.extraConfig = ''
set theme=($drive1)//themes/fallout-grub-theme/theme.txt
'';
boot.loader.grub.splashImage = "${falloutGrubTheme}/background.png";
system.activationScripts.copyGrubTheme = ''
mkdir -p /boot/themes
cp -R ${falloutGrubTheme}/ /boot/themes/fallout-grub-theme
'';
}

5
nixos/system/all/hosts.nix Normal file
View file

@ -0,0 +1,5 @@
{
networking.extraHosts = ''
192.168.0.24 scanner
'';
}

126
nixos/system/all/networking-qos.nix Normal file
View file

@ -0,0 +1,126 @@
{ pkgs, config, lib, ... }: {
options.configuration.fireqos = with lib; {
enable = mkEnableOption "enable";
interface = mkOption {
default = "enp8s0";
type = with types; str;
};
# nix-shell -p speedtest_cli --run speedtest
input = mkOption {
default = 4200;
type = with types; int;
description = "in kbit";
};
# nix-shell -p speedtest_cli --run speedtest
output = mkOption {
default = 1200;
type = with types; int;
description = "in kbit";
};
balance = mkOption {
type = with types; bool;
description = ''
balance all, this will not prioritise anything.
'';
};
};
config = let
kbits = number:
import (pkgs.runCommand "round-${toString number}" { }
''awk 'BEGIN{printf "\"%ikbit\"", ${toString number}}' > $out'');
interface = config.configuration.fireqos.interface;
input = "${toString config.configuration.fireqos.input}kbit";
output = "${toString config.configuration.fireqos.output}kbit";
tincInput = kbits (config.configuration.fireqos.input * 0.7);
tincOutput = kbits (config.configuration.fireqos.output * 0.7);
useBalancedForExperimenting = false;
tincPorts =
lib.mapAttrsToList (name: configuration: toString configuration.port)
config.module.cluster.services.tinc;
in {
# https://firehol.org/tutorial/fireqos-new-user/
services.fireqos.enable = config.configuration.fireqos.enable;
systemd.services.fireqos.wantedBy = [ "multi-user.target" ];
services.fireqos.config = ''
# ------------------- world
interface ${interface} world-in input rate ${input} ${
lib.optionalString useBalancedForExperimenting "balanced"
}
class ssh commit 300kbit
match tcp port 22
class http commit 80%
match tcp port 80,443
class tinc commit 80%
match port ${lib.concatStringsSep "," tincPorts}
class surfing commit 30%
match tcp sports 0:1023 # include TCP traffic from port 0-1023
interface ${interface} world-out output rate ${output} ${
lib.optionalString useBalancedForExperimenting "balanced"
}
class ssh commit 500kbit
match tcp port 22
class http commit 80%
match tcp port 80,443
class tinc commit 80%
match port ${lib.concatStringsSep "," tincPorts}
class surfing commit 5%
match tcp dports 0:1023 # include TCP traffic to port 0-1023
# ------------------- tinc
interface tinc.private tinc bidirectional input rate ${tincInput} output rate ${tincOutput} ${
lib.optionalString useBalancedForExperimenting "balanced"
}
class ssh commit 300kbit
match dport 22 # ssh
match dport 2222 # gogs ssh
match udp dport 60001:60999 # mosh
# public servers
class public commit 80%
match port 80,443
match port 3000 # gogs
match port 8000 # bepasty
class homeassistant commit 100kbit
match tcp port ${toString config.services.home-assistant.port}
class prometheus commit 100kbit
match tcp port 19999 # netdata
match tcp port 9113 # netdata exporter
match port 11201 # graylog sink
class wuis commit 100kbit
match port 8384 # syncthing
match port 8123 # home-assistant
match port 5656 # grafana
match port 8080 # kodi
match port 9090 # prometheus
match port 9000 # graylog
class syncthing
match port 22000
'';
};
}

259
nixos/system/all/nginx-landingpage.nix Normal file
View file

@ -0,0 +1,259 @@
{ config, lib, pkgs, ... }: {
services.nginx.virtualHosts."mia.${config.networking.hostName}.private" = {
locations."/" = {
root = pkgs.landingpage.override {
jsonConfig = {
items = [{
items = [
{
label = "github";
href = "https://github.com/miaEngiadina";
image =
"https://media.giphy.com/media/l0MYEpMgixXtNRgrK/giphy.gif";
}
{
label = "Confluence";
href = "https://fysitech.atlassian.net/wiki/spaces/DI/overview";
image = "https://media.giphy.com/media/TfMcfnr6USBtm/giphy.gif";
}
{
label = "Kanban Board";
href =
"https://fysitech.atlassian.net/jira/software/projects/DPE/boards/1";
image =
"https://media.giphy.com/media/10zsjaH4g0GgmY/giphy.gif";
}
];
}];
};
};
};
};
services.nginx.virtualHosts."${config.networking.hostName}.private" = {
default = true;
locations."/" = {
root = pkgs.landingpage.override {
jsonConfig = {
items = [
{
# text = "hallo";
items = [
{
label = "Dashboard";
href = "http://grafana.workhorse.private";
image =
"https://media.giphy.com/media/eLmaUW5dJak2k/giphy.gif";
}
{
label = "Prometheus";
href = "http://prometheus.workhorse.private/";
image =
"https://media.giphy.com/media/1NLZYcJGLM9mo/giphy.gif";
}
{
label = "Graylog";
href = "http://graylog.workhorse.private/";
image =
"https://media.giphy.com/media/6oeRBKg7mwEZnSnYkn/giphy.gif";
}
{
label = "Jenkins";
href = "http://jenkins.workhorse.private/";
image =
"https://media.giphy.com/media/nQYnLFII2sFcQ/giphy.gif";
}
{
label = "HomeAssistant";
href = "http://pepe.private:8123/lovelace/view_overview";
image =
"https://media.giphy.com/media/3o6ZtosYxN9Eo3AAZq/giphy.gif";
}
{
label = "Kodi";
href = "http://porani.private:8080/";
image =
"https://media.giphy.com/media/d9wPasV7ukkta/giphy.gif";
}
{
label = "Hetzner Cloud";
href = "https://console.hetzner.cloud/projects";
image =
"https://media.giphy.com/media/NECZ8crkbXR0k/giphy.gif";
}
{
label = "Transmission";
href = "http://transmission.kruck.private/";
image =
"https://media.giphy.com/media/9ryQgA3d0BVoe7iZl0/giphy.gif";
}
{
label = "Pass the Popcorn";
href = "https://passthepopcorn.me/";
image =
"https://media.giphy.com/media/NipFetnQOuKhW/giphy.gif";
}
{
label = "redacted";
href = "https://redacted.ch/";
image =
"https://media.giphy.com/media/ku5EcFe4PNGWA/giphy.gif";
}
{
label = "Kibana Workhorse";
href = "http://kibana.workhorse.private/";
image =
"https://media.giphy.com/media/24sVlirH2qPTO/giphy.gif";
}
{
label = "Kibana Workout";
href = "http://kibana.workout.private/";
image =
"https://media.giphy.com/media/24sVlirH2qPTO/giphy.gif";
}
{
label = "Cups";
href = "http://localhost:631/";
image =
"https://media.giphy.com/media/7hU7x4GPurk2c/giphy.gif";
}
];
}
{
text = "Betfair";
items = [
{
label = "betfair";
href = "https://www.betfair.com/exchange/plus/football";
image =
"https://media.giphy.com/media/3og0ILXHf8hmHmET1C/giphy.gif";
}
{
label = "token";
href =
"https://docs.developer.betfair.com/visualisers/api-ng-account-operations/";
image =
"https://media.giphy.com/media/aeIlR57TpTimI/giphy.gif";
}
{
label = "api doku";
href =
"https://docs.developer.betfair.com/display/1smk3cen4v3lu3yomq5qye0ni/Reference+Guide";
image =
"https://media.giphy.com/media/11bKAQfWd0Yo0w/giphy.gif";
}
];
}
{
text = "Lektor";
items = [
{
label = "Terranix";
href = "http://terranix.schasch.private";
image =
"https://media.giphy.com/media/nGtOFccLzujug/giphy.gif";
}
{
label = "tech-blog";
href = "http://techblog.schasch.private";
image =
"https://media.giphy.com/media/nGtOFccLzujug/giphy.gif";
}
];
}
{
text = "NixOS";
items = [
{
label = "NixOS Manual";
href = "https://nixos.org/nixos/manual/";
image =
"https://media.giphy.com/media/dsdVyKkSqccEzoPufX/giphy.gif";
}
{
label = "Nixpkgs Manual";
href = "https://nixos.org/nixpkgs/manual/";
image =
"https://media.giphy.com/media/dsdVyKkSqccEzoPufX/giphy.gif";
}
{
label = "NixOS Reference";
href =
"https://storage.googleapis.com/files.tazj.in/nixdoc/manual.html#sec-functions-library";
image =
"https://media.giphy.com/media/LkjlH3rVETgsg/giphy.gif";
}
{
label = "Nix Packages";
href = "https://nixos.org/nixos/packages.html";
image =
"https://media.giphy.com/media/l2YWlohvjPnsvkdEc/giphy.gif";
}
{
label = "NixOS Options";
href = "https://nixos.org/nixos/options.html";
image =
"https://media.giphy.com/media/3fiw51MvIWcGjMhy9a/giphy.gif";
}
{
label = "NixOS Language specific helpers";
href =
"https://nixos.wiki/wiki/Language-specific_package_helpers";
image =
"https://media.giphy.com/media/LkjlH3rVETgsg/giphy.gif";
}
{
label = "NixOS Weekly";
href = "https://weekly.nixos.org/";
image =
"https://media.giphy.com/media/lXiRLb0xFzmreM8k8/giphy.gif";
}
{
label = "NixOS Security";
href = "https://broken.sh/";
image =
"https://media.giphy.com/media/BqILAHjH1Ttm0/giphy.gif";
}
{
label = "NixOS RFCs";
href = "https://github.com/NixOS/rfcs/";
image =
"https://media.giphy.com/media/Uq9bGjGKg08M0/giphy.gif";
}
];
}
{
text = "Syncthings";
items = map ({ name, host ? "${name}.private", ... }: {
label = name;
href = "http://${host}:8384/";
image =
"https://media.giphy.com/media/JoyU4vuzwj6ZA7Ging/giphy.gif";
}) (map (name: { inherit name; }) (lib.attrNames
config.module.cluster.services.tinc."private".hosts));
}
{
text = "netdata";
items = map ({ name, host ? "${name}.private", ... }: {
label = name;
href = "http://${host}:19999/";
image = "https://media.giphy.com/media/BkjdN6MQCDPaw/giphy.gif";
}) (map (name: { inherit name; }) [
"workhorse"
"porani"
"pepe"
"sputnik"
]
#(lib.attrNames config.module.cluster.services.tinc."private".hosts)
);
}
];
};
};
};
};
}

40
nixos/system/all/nginx.nix Normal file
View file

@ -0,0 +1,40 @@
{ pkgs, lib, ... }:
let
access_log_sink = "workhorse.private:12304";
error_log_sink = "workhorse.private:12305";
in {
security.acme.email = "contact@ingolf-wagner.de";
security.acme.acceptTerms = true;
services.nginx = {
# Use recommended settings
recommendedGzipSettings = lib.mkDefault true;
recommendedOptimisation = lib.mkDefault true;
recommendedProxySettings = lib.mkDefault true;
recommendedTlsSettings = lib.mkDefault true;
# for graylog logging
commonHttpConfig = ''
log_format graylog2_json escape=json '{ "timestamp": "$time_iso8601", '
'"facility": "nginx", '
'"src_addr": "$remote_addr", '
'"body_bytes_sent": $body_bytes_sent, '
'"request_time": $request_time, '
'"response_status": $status, '
'"request": "$request", '
'"request_method": "$request_method", '
'"host": "$host",'
'"upstream_cache_status": "$upstream_cache_status",'
'"upstream_addr": "$upstream_addr",'
'"http_x_forwarded_for": "$http_x_forwarded_for",'
'"http_referrer": "$http_referer", '
'"http_user_agent": "$http_user_agent" }';
access_log syslog:server=${access_log_sink} graylog2_json;
error_log syslog:server=${error_log_sink};
'';
};
services.nginx.package = pkgs.nginxMainline;
}

17
nixos/system/all/on-failure.nix Normal file
View file

@ -0,0 +1,17 @@
{ lib, ... }:
{
#on-failure = {
# enable = true;
# plans = {
# tinc_private.name = "tinc.private";
# tinc_retiolum.name = "tinc.retiolum";
# sshd.name = "sshd";
# tor.name = "tor";
# dnsmasq.name = "dnsmasq";
# #backup_on_workhorse.name = "backup.on-workhorse.private";
# #backup_on_workout.name = "backup.on-workout.private";
# #backup_on_porani.name = "backup.on-porani.private";
# syncthing.name = "syncthing";
# };
#};
}

105
nixos/system/all/packages.nix Normal file
View file

@ -0,0 +1,105 @@
{ config, pkgs, lib, ... }:
let
memoryUsage = pkgs.writers.writeDashBin "memory-total-usage" ''
echo " %CPU %MEM MEM : PROCESS"
echo "------- ------- ------------- -------"
ps aux | awk '{mem[$11]+=int($6/1024)}; {cpuper[$11]+=$3};{memper[$11]+=$4}; END {for (i in mem) {printf "%6.2f%% %6.2f%% %10.2f MB : %s\n", cpuper[i],memper[i],mem[i],i}}' | sort -k3nr | head -n 5
'';
prefetch-git-rendered =
pkgs.writeShellScriptBin "nix-prefetch-git-rendered" ''
${pkgs.nix-prefetch-scripts}/bin/nix-prefetch-git "$@" \
| ${pkgs.jq}/bin/jq --raw-output '"pkgs.fetchgit{
url = \"\(.url)\";
rev = \"\(.rev)\";
sha256 = \"\(.sha256)\";
};"'
'';
prefetch-url-rendered =
pkgs.writeShellScriptBin "nix-prefetch-url-rendered" ''
HASH=$( ${pkgs.nix}/bin/nix-prefetch-url "$1" )
cat <<EOF
pkgs.fetchurl {
url = "$1";
sha256 = "$HASH";
};
EOF
'';
storepath = let
dirname = "${pkgs.coreutils-full}/bin/dirname";
readlink = "${pkgs.coreutils-full}/bin/readlink";
in pkgs.writers.writeBashBin "storepath" ''
${dirname} $( ${readlink} $( type -p "$1" ) )
'';
in {
#imports = [ ./packages/llvm-config-dummy.nix ];
programs.tmux = {
enable = true;
clock24 = true;
historyLimit = 150000;
secureSocket = true;
};
environment.systemPackages = with pkgs; [
storepath
prefetch-git-rendered
prefetch-url-rendered
parallel
# windos/mac filesystems
ntfs3g
exfat
ag
bc
bridge-utils
file
git
htop
lsof
ncdu
tree
vim
wget
zip
unzip
jq
miller
tmux
screen
duc
memoryUsage
#gitlog2json
pciutils
(pkgs.writers.writeBashBin "ssl-check-cert-of-domain" ''
DOMAIN=$1
echo | \
${pkgs.openssl}/bin/openssl s_client -servername ''${DOMAIN} -connect ''${DOMAIN}:443 2>/dev/null | \
${pkgs.openssl}/bin/openssl x509 -text | \
${pkgs.less}/bin/less
'')
];
# configure navi
#environment.variables.NAVI_PATH = "$HOME/.cheats";
}

41
nixos/system/all/packages/llvm-config-dummy.nix Normal file
View file

@ -0,0 +1,41 @@
{ pkgs, config, lib, ... }:
with pkgs.lib; {
environment.systemPackages = let
llvm = pkgs.llvm;
llvm-config = pkgs.writers.writeBashBin "llvm-config" ''
while [[ $# -gt 0 ]]; do
arg="$1"
case $arg in
--assertion-mode)
echo "OFF"
;;
--bindir)
echo "${getBin llvm}/bin"
;;
--libdir)
echo "${getLib llvm}/lib"
;;
--includedir)
echo "${getDev llvm}/include"
;;
--prefix)
echo "${llvm.out}"
;;
--src-root)
echo "/build/llvm";
;;
--obj-root)
echo "/build/llvm/build";
;;
--cmakedir)
echo "${getDev llvm}/lib/cmake/llvm"
;;
*)
echo "Unhandled argument '$arg' passed to dummy llvm-config!"
exit 1
esac
shift
done
'';
in [ llvm-config ];
}

4
nixos/system/all/shell.nix Normal file
View file

@ -0,0 +1,4 @@
{ config, lib, ... }:
{
}

49
nixos/system/all/sshd-known-hosts-bootup.nix Normal file
View file

@ -0,0 +1,49 @@
{ config, lib, pkgs, ... }:
with lib;
let
computers = {
workhorse = {
onionId = fileContents ../../private_assets/onion_id_workhorse;
publicKey =
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAII/I4JBA1HHTH2xsrEM7xtxkhRDE42lZcBrdBvN46WTx";
};
porani = {
onionId = fileContents ../../private_assets/onion_id_porani;
publicKey =
"ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBGFaTRGqMd/rKpyMUP6wVbgiWFOUvUV2qS/B5Xe02UUch/wxR4fTCY+vnzku5K0V/qqJpjYLgHotwZFqO/8lFu4=";
};
};
in {
services.openssh.knownHosts = mapAttrs' (name:
{ onionId, publicKey, ... }: {
name = "${name}-init-ssh";
value = {
hostNames = [ onionId ];
inherit publicKey;
};
}) computers;
environment.systemPackages = let
ssh = mapAttrsToList (name:
{ onionId, ... }:
pkgs.writers.writeDashBin "ssh-boot-to-${name}" ''
${pkgs.tor}/bin/torify ${pkgs.openssh}/bin/ssh root@${onionId} -p 23
'') computers;
password = mapAttrsToList (name:
{ onionId, ... }:
pkgs.writers.writeDashBin "unlock-boot-${name}" ''
${pkgs.tor}/bin/torify ${pkgs.openssh}/bin/ssh root@${onionId} -p 23 '
echo -n "enter password : "
read password
echo "$password" > /crypt-ramfs/passphrase
'
'') computers;
in ssh ++ password;
}

83
nixos/system/all/sshd-known-hosts-private.nix Normal file
View file

@ -0,0 +1,83 @@
# generated by updateSshKeys.sh
{ config, lib, ... }: {
services.openssh.knownHosts = {
"sternchen.secret" = {
hostNames = [
"sternchen.secret"
config.module.cluster.services.tinc.secret.hosts.sternchen.tincIp
];
publicKey =
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILriD/0+65L1mkbjKENwpvB3wUMXz/rEf9J8wuJjJa0q";
};
"sterni.private" = {
hostNames = [
"sterni.private"
"sterni.secret"
config.module.cluster.services.tinc.private.hosts.sterni.tincIp
config.module.cluster.services.tinc.secret.hosts.sterni.tincIp
];
publicKey =
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDyHmHJy2Va45p9mn+Hj3DyaY5yxnQIKvXeACHjzgSKt";
};
"workout.private" = {
hostNames = [
"workout.private"
"workout.lan"
config.module.cluster.services.tinc.private.hosts.workout.tincIp
];
publicKey =
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICjotuQJHDaL0fPY7yA2dIBVWRYOkp7/ablY60psMQ6w";
};
"sputnik.private" = {
hostNames = [
"sputnik.private"
"sputnik.secret"
config.module.cluster.services.tinc.private.hosts.sputnik.tincIp
config.module.cluster.services.tinc.secret.hosts.sputnik.tincIp
];
publicKey =
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICTLXDTqUtl0BQgzH1O7CRulGCRN1P4KU8imL/wjYFh8";
};
"workhorse.private" = {
hostNames = [
"workhorse.private"
"workhorse.secret"
config.module.cluster.services.tinc.private.hosts.workhorse.tincIp
config.module.cluster.services.tinc.secret.hosts.workhorse.tincIp
];
publicKey =
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDaK0Vv33TuGQa/B5p54sGilgpYvfKkBaBGlEBpIk1QB";
};
"porani.secret" = {
hostNames = [
"porani.secret"
config.module.cluster.services.tinc.secret.hosts.porani.tincIp
];
publicKey =
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOKNtRWVrqADgAMtTSWgnpp8gRKUtn4QUMFzQ78fC+aK";
};
"pepe.private" = {
hostNames = [
"pepe.private"
"pepe.lan"
config.module.cluster.services.tinc.private.hosts.pepe.tincIp
];
publicKey =
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJPlva+Vdj8WmQPlbQLN3qicMz5AAsyTzK53BincxtAz";
};
"mobi.private" = {
hostNames = [
"mobi.private"
config.module.cluster.services.tinc.private.hosts.mobi.tincIp
];
publicKey =
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGhBtcipW9rV6hHS2hv5tl5hd8vW8dnuFfFwnAs2u0kS";
};
"cracksucht.de" = {
hostNames = [ "cracksucht.de" ];
publicKey =
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDVqpWzX+C7veO/1MDSdh5ukFhpI4cfXevbl6DVb9gVt1wdYB0JsiMiWfl13MZJy9iEP/KfwRLYmu8i36tDR9uJfHQyLK8G7q2DhrleIPgM3dFCdDU1QtulE8hEq/ZsqzMn/QIHYIipIqzNfmC/xnpX2gIo09T7EY+n863ALlj+GqxMb4nr2XDLY+Lllo2yMzylJIz9q8U5hOmzrlCnBpf2MPMwanHXnZXj2CmO80VyBHnAMJ/h72AN1qzDaHFlhxh0Li/POc1bpDjiVjiUPgimHZWpi3VObxWLLn2zf+RH2lx0yXMccSEnkWvHp+Ll5apIUUS+vTlDo3niWpEfGZLl root@debian";
};
};
}

96
nixos/system/all/sshd-known-hosts-public.nix Normal file
View file

@ -0,0 +1,96 @@
{ config, pkgs, lib, ... }:
with lib;
{
services.openssh.knownHosts = {
github = {
hostNames = [
"*.github.com"
# List generated with
# curl -sS https://api.github.com/meta | jq -r .git[] | cidr2glob
"192.30.252.*"
"192.30.253.*"
"192.30.254.*"
"192.30.255.*"
"185.199.108.*"
"185.199.109.*"
"185.199.110.*"
"185.199.111.*"
"13.229.188.59"
"13.250.177.223"
"18.194.104.89"
"18.195.85.27"
"35.159.8.160"
"52.74.223.119"
];
publicKey =
"ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGmdnm9tUDbO9IDSwBK6TbQa+PXYPCPy6rbTrTtw7PHkccKrpp0yVhp5HdEIcKr6pLlVDBfOLX9QUsyCOV0wzfjIJNlGEYsdlLJizHhbn2mUjvSAHQqZETYP81eFzLQNnPHt4EVVUh7VfDESU84KezmD5QlWpXLmvU31/yMf+Se8xhHTvKSCZIFImWwoG6mbUoWf9nzpIoaSjB+weqqUUmpaaasXVal72J+UX2B+2RPW3RcT0eOzQgqlJL3RKrTJvdsjE3JEAvGq3lGHSZXy28G3skua2SmVi/w4yCE6gbODqnTWlg7+wC604ydGXA8VJiS5ap43JXiUFFAaQ==";
};
gitlab = {
hostNames = [ "gitlab.com" ];
publicKey =
"ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBFSMqzJeV9rUzU4kWitGjeR4PWSa29SPqJ1fVkhtj3Hw9xjLVXVYrU9QlYWrOLXBpQ6KWjbjTDTdDkoohFzgbEY=";
};
gitlab-bk = {
hostNames = [ "gitlab.bk-bund-berlin.de" "116.203.133.59" ];
publicKey =
"ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBCG/sjnOlbrmpUliFtM5fmZTcm2wpUoP5OQEzFrrkkwhstCO9fMty9mp5qnKlezYA9+l78RTd218qFjSKYxTQNw=";
};
# space-left
gitlabSpaceLeft = {
hostNames = [ "git.space-left.org" ];
publicKey =
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAapztj8I3xy6Ea8A1q7Mo5C6zdgsK1bguAXcKUDCRBO";
};
# c-base
"bnd-cbase" = {
hostNames = [ "bnd.cbrp3.c-base.org" ];
publicKey =
"ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBKDknNl4M2WZChp1N/eRIpem2AEOceGIqvjo0ptBuwxUn0w0B8MGTVqoI+pnUVypORJRoNrLPOAkmEVr32BDN3E=";
};
"shell.cbase" = {
hostNames = [ "shell.c-base.org" ];
publicKey =
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOBKBn0mZtG3KWxpFqqcog8zvdIVrZmwj+ARujuNIAfo";
};
"kgb.cbase" = {
hostNames = [ "kgb.cbrp3.c-base.org" ];
publicKey =
"ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBAdyl7fnnCqomghJ1TDbh5FWFQWFwoO1Y1U/FpmWd8a9RcQvN0Izhg/7A+7ptDxbmpVii8hqfghlqUwtvVy7jo8=";
};
"cns.cbase" = {
hostNames = [ "cns.c-base.org" ];
publicKey =
"ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBOtlyLA2nMK9Uqpv4EbWS+rZ9Mx4bAjURmH+zrXkuRGBcU1cKm+TZfWe9/rPX57KaMPBDyIygOJIsM2T5SqX90A=";
};
"lassulus" = {
hostNames = [ "[lassul.us]:45621" ];
publicKey =
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAsANFdMi825qWQXQbWLYuNZ6/fARt3lnh1KStQHQQMD";
};
renoise = {
hostNames = [ "*.renoise.com" "renoise.com" "94.130.128.97" ];
publicKey =
"ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBLXxhBlYQJxgcLqKywpl1tI1N/+B5bkptAnR2a3tsRybq0IHZnIkSRGUYcu5zPwJT+bitVw8BvIaGzxI+Zm2ivE=";
};
git-renoise = {
hostNames = [ "[git.renoise.com]:2229" "[94.130.128.97]:2229" ];
publicKey =
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCmIOTjQsD1TaD9MiECcRqwfAXfRdbI+2pkuF+zhBUkrX41NA4LzifPY4Iw3PlklE0YGIOzYyNitzkdgxIWkeqa0Y9iL3gGZBuLFORj5YXWlDKB2RrPAsZRL8y69y4H6RWPpL6DHHsf9eT+HgRzWzzn5nUFLfkCsuM96BqjIKN1pinIBcE6gst1UUSwSTjK8XZA5d4BiSrLF4HiNXnDm+qniYGbGkzZcjn1ua+l0GdGbfg9TotFnSK/QXgN3MeHHDZKnIjOIkOXCY+L5URe0RHo6pBFdj+BLr211AJhB52MrDNudQcY6eSQiJ08LeE6SkcrsQO/VZ/JnOkHxHd2mOyH";
};
"git.ingolf-wagner.de" = {
hostNames = [ "[git.ingolf-wagner.de]:443" ];
publicKey =
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCvJoz+6Ew0L518+jhue69hm0nEzVBuyUWDRUM3QnOQCCmGgFFXq+iTxgYoo2e3qYFUV0CmYK548ZKBB/nGUmrRwT06sJXtOCmVsBCMxBX6KNEBxKns8urQqWZ/ShzuKhpZmC9EuB25QVXCkUuc1aXtVgLng8Ucke/kOHE/HcwB4Sb7SCNP7pF4/mBpuH9cONs21HkxE6Aj85LSSJCRwiyL+WBEibDcDVy+W5hicAp/m7sL+sezFkNzru0X10G1kuC01+HZT8I5Be3xQ9llWkMkVaO5L7N9+SUXxZSMtwI9uEU8iPuXhb9ETyIR530kipydOljD6nA3hRC12nnE2T0d";
};
"siteground" = {
hostNames = [ "[es5.siteground.eu]:18765" "[37.60.224.6]:18765" ];
publicKey =
"ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBHZuvHooyHa69rU+SfOghM6yfc7bce5cMi9sh5JkoLPi+m8QEkX3oiG9rRpAhp0GYnB74M4l1+0XlxmG7/HVmq0=";
};
};
}

19
nixos/system/all/sshd.nix Normal file
View file

@ -0,0 +1,19 @@
{ config, pkgs, lib, ... }:
with lib;
{
# not needed anymore
# programs.ssh.hostKeyAlgorithms = [ "ssh-rsa" "ssh-ed25519" "ecdsa-sha2-nistp256" ];
services.custom.ssh = {
tools.enable = true;
sshd = {
enable = true;
rootKeyFiles = [ (toString ../../assets/ssh/card_rsa.pub) ];
};
};
}

223
nixos/system/all/syncthing.nix Normal file
View file

@ -0,0 +1,223 @@
{ config, lib, pkgs, ... }:
with lib; {
services.syncthing = {
guiAddress = lib.mkDefault "${config.networking.hostName}.private:8384";
declarative = {
overrideDevices = true;
devices = let
device = name: id: {
"${name}" = {
name = name;
id = id;
addresses =
[ "tcp://${name}.private:22000" "tcp://${name}.private:21027" ];
};
};
in (device "workhorse"
"AFSAKB6-JLH4QAS-DSRMPI3-6PVCIHF-IIAVLPC-STPNO3Y-YRDU5NW-QD445QI")
// (device "pepe"
"SZLXFW3-VTAC7UB-V2Z7CHE-3VZAYPL-6D72AK6-OCDMPZP-G4FPY5P-FL6ZVAG")
// (device "workout"
"DZOOAKG-GI2SVOS-QEVMFL7-TRHVTPQ-ADIJEVH-RH5WV3J-6M7MJHC-C53EOAC")
// (device "sterni"
"ZFNNKPD-ZSOAYJQ-VROXXDB-5MD3UTJ-GDCNTSQ-G5POVV3-UZG5HFT-CCAU3AD") // {
"porani" = {
name = "porani";
id =
"6YOIA4E-X52ZD5Z-FPNWPRS-77QIMMU-VDIXVZB-6BPQN7A-FFJDU4W-EXEGFAI";
addresses =
[ "tcp://porani.secret:22000" "tcp://porani.secret:21027" ];
};
} // {
smartphone = {
name = "smartphone";
id =
"PRCA4KO-PEMLUSO-ERUSKAP-GUDSW2I-AYTEB54-E5JJOXJ-23X2UYP-RLSMKQM";
addresses = [ "dynamic" ];
};
} // {
bumba = {
name = "windows-bumba";
id =
"JS7PWTO-VKFGBUP-GNFLSWP-MGFJ2KH-HLO2LKW-V3RPCR6-PCB5SQC-42FCKQZ";
addresses = [ "dynamic" ];
};
} // {
mors = {
name = "lassulus-mors";
id =
"ZPRS57K-YK32ROQ-7A6MRAV-VOYXQ3I-CQCXISZ-C5PCV2A-GSFLG3I-K7UGGAH";
addresses = [ "tcp://mors.r:22000" ];
};
};
folders = {
# needs to be on encrypted drives
# -------------------------------
private = {
enable = lib.mkDefault false;
watch = false;
devices = [ "workout" "workhorse" "pepe" "sterni" ];
versioning = {
type = "simple";
params.keep = "10";
};
};
desktop = {
enable = lib.mkDefault false;
watch = false;
devices = [ "workout" "workhorse" "pepe" "sterni" ];
};
finance = {
enable = lib.mkDefault false;
watch = false;
devices = [ "workout" "workhorse" "pepe" "sterni" ];
versioning = {
type = "simple";
params.keep = "10";
};
};
fotos = {
enable = lib.mkDefault false;
watch = false;
devices = [ "workout" "workhorse" "pepe" "sterni" ];
versioning = {
type = "simple";
params.keep = "10";
};
};
zettlr = {
enable = lib.mkDefault false;
watch = true;
devices = [ "workout" "workhorse" "pepe" "sterni" ];
versioning = {
type = "simple";
params.keep = "10";
};
};
programs = {
enable = lib.mkDefault false;
watch = true;
devices = [ "workout" "sterni" ];
versioning = {
type = "simple";
params.keep = "1";
};
};
# no need to be stored on encrypted drives
# ----------------------------------------
borg-mirror = {
enable = lib.mkDefault false;
watch = false;
devices = [ "workhorse" "pepe" ];
};
books = {
enable = lib.mkDefault false;
id = "wwbvs-5lfbh";
watch = false;
devices = [ "workhorse" "pepe" "sterni" ];
versioning = {
type = "simple";
params.keep = "10";
};
};
lost-fotos = {
enable = lib.mkDefault false;
watch = false;
devices = [ "workhorse" "workout" "pepe" ];
versioning = {
type = "simple";
params.keep = "10";
};
};
movies = {
enable = lib.mkDefault false;
id = "vatmy-c2qf4";
watch = false;
devices = [ "workhorse" "pepe" "porani" ];
versioning = {
type = "simple";
params.keep = "3";
};
};
music-library = {
enable = lib.mkDefault false;
id = "gytmq-r2zrx";
watch = false;
devices = [ "porani" "workout" "workhorse" "pepe" "sterni" ];
versioning = {
type = "simple";
params.keep = "10";
};
};
music-library-free = {
enable = lib.mkDefault false;
id = "mu9mn-zgvsw";
watch = false;
devices = [ "workout" "workhorse" "pepe" "mors" ];
};
processing = {
enable = lib.mkDefault false;
watch = false;
devices = [ "workout" "workhorse" "pepe" "sterni" ];
versioning = {
type = "simple";
params.keep = "10";
};
};
music-projects = {
enable = lib.mkDefault false;
id = "acfhu-r4t4f";
watch = false;
devices = [ "workout" "workhorse" "pepe" "sterni" ];
versioning = {
type = "simple";
params.keep = "10";
};
};
smartphone-folder = {
enable = lib.mkDefault false;
watch = false;
devices = [ "workout" "workhorse" "sterni" "smartphone" "pepe" ];
};
samples = {
enable = lib.mkDefault false;
id = "pcgkj-tjucd";
watch = false;
devices = [ "workout" "workhorse" "sterni" "pepe" ];
};
series = {
enable = lib.mkDefault false;
id = "all-series";
watch = false;
devices = [ "workhorse" "porani" "pepe" ];
versioning = {
type = "simple";
params.keep = "10";
};
};
video-material = {
enable = lib.mkDefault false;
id = "wgkun-fec5h";
watch = false;
devices = [ "workout" "workhorse" "pepe" ];
versioning = {
type = "simple";
params.keep = "10";
};
};
windows-sync = {
enable = lib.mkDefault false;
id = "hcity-p5ikc";
watch = false;
devices = [ "bumba" "workout" ];
};
};
};
};
}

145
nixos/system/all/tinc.nix Normal file
View file

@ -0,0 +1,145 @@
{ config, pkgs, lib, ... }:
let
retiolum = pkgs.fetchgit {
url = "https://github.com/krebs/retiolum";
rev = "5b067937a10ea43f88f14cc6e0a5485c2ddcc826";
sha256 = "0kczrr6dr5dmhx2kbanw46w6ig2v3w42rqhjanv87xhwkgw81l08";
};
in {
imports = [ ../../modules ];
networking.firewall.trustedInterfaces = [ "tinc.private" ];
# nix-shell -p tinc_pre --run "tinc --config . generate-keys 4096"
module.cluster.services.tinc = {
"retiolum" = {
networkSubnet = "10.243.0.0/16";
port = 720;
extraConfig = ''
LocalDiscovery = yes
AutoConnect = yes
'';
privateEd25519KeyFile =
toString config.sops.secrets.tinc_ed25519_key.path;
privateRsaKeyFile = toString config.sops.secrets.tinc_rsa_key.path;
hosts = {
pepe = {
tincIp = "10.243.23.1";
publicKey = lib.fileContents ../../assets/tinc/retiolum/host_file;
};
sterni = {
tincIp = "10.243.23.3";
publicKey = lib.fileContents ../../assets/tinc/retiolum/host_file;
};
workhorse = {
tincIp = "10.243.23.5";
publicKey = lib.fileContents ../../assets/tinc/retiolum/host_file;
};
workout = {
tincIp = "10.243.23.4";
publicKey = lib.fileContents ../../assets/tinc/retiolum/host_file;
};
};
};
# nix-shell -p tinc_pre --run "tinc --config . generate-keys 4096"
"secret" = {
networkSubnet = "10.123.42.0/24";
port = 721;
extraConfig = ''
LocalDiscovery = yes
AutoConnect = yes
'';
privateEd25519KeyFile =
toString config.sops.secrets.tinc_ed25519_key.path;
privateRsaKeyFile = toString config.sops.secrets.tinc_rsa_key.path;
hosts = {
sternchen = {
tincIp = "10.123.42.25";
# publicKey = lib.fileContents ../../assets/tinc/sterni_host_file;
publicKey = lib.fileContents ../../assets/tinc/sternchen_host_file;
};
sterni = {
tincIp = "10.123.42.24";
# publicKey = lib.fileContents ../../assets/tinc/sterni_host_file;
publicKey = lib.fileContents ../../assets/tinc/workout_host_file;
};
porani = {
tincIp = "10.123.42.31";
publicKey = lib.fileContents ../../assets/tinc/porani_host_file;
};
workhorse = {
tincIp = "10.123.42.21";
publicKey = lib.fileContents ../../assets/tinc/workhorse_host_file;
};
sputnik = {
realAddress = [ "static.247.134.201.195.clients.your-server.de:721" ];
tincIp = "10.123.42.122";
publicKey = lib.fileContents ../../assets/tinc/sputnik_host_file;
};
};
};
# nix-shell -p tinc_pre --run "tinc --config . generate-keys 4096"
"private" = {
networkSubnet = "10.23.42.0/24";
extraConfig = ''
LocalDiscovery = yes
'';
privateEd25519KeyFile =
toString config.sops.secrets.tinc_ed25519_key.path;
privateRsaKeyFile = toString config.sops.secrets.tinc_rsa_key.path;
hosts = {
workout = {
tincIp = "10.23.42.27";
publicKey = lib.fileContents ../../assets/tinc/workout_host_file;
};
pepe = {
tincIp = "10.23.42.26";
publicKey = lib.fileContents ../../assets/tinc/pepe_host_file;
};
sterni = {
tincIp = "10.23.42.24";
# publicKey = lib.fileContents ../../assets/tinc/sterni_host_file;
publicKey = lib.fileContents ../../assets/tinc/workout_host_file;
};
mobi = {
tincIp = "10.23.42.23";
publicKey = lib.fileContents ../../assets/tinc/mobi_host_file;
};
#porani = {
# tincIp = "10.23.42.31";
# publicKey = lib.fileContents ../../assets/tinc/porani_host_file;
#};
workhorse = {
tincIp = "10.23.42.21";
publicKey = lib.fileContents ../../assets/tinc/workhorse_host_file;
};
sputnik = {
realAddress = [
"195.201.134.247"
"195.201.134.247:443"
"static.247.134.201.195.clients.your-server.de"
"static.247.134.201.195.clients.your-server.de:443"
];
tincIp = "10.23.42.122";
publicKey = lib.fileContents ../../assets/tinc/sputnik_host_file;
};
};
};
};
sops.secrets.tinc_ed25519_key = { };
sops.secrets.tinc_rsa_key = { };
# retiolum stuff
networking.extraHosts = builtins.readFile (toString "${retiolum}/etc.hosts");
systemd.services."tinc.retiolum" = {
preStart = ''
cp -R ${retiolum}/hosts /etc/tinc/retiolum/ || true
'';
};
}

72
nixos/system/desktop/audio.nix Normal file
View file

@ -0,0 +1,72 @@
{ config, lib, pkgs, ... }:
let
library = import ../../library { inherit pkgs lib; };
mixxxBin = pkgs.writeShellScriptBin "mixxx"
"${pkgs.mixxx}/bin/mixxx --settingsPath ${config.users.users.mainUser.home}/music-library/mixxx";
mixxxDesktop = library.desktopFile mixxxBin { longName = "Mixxx"; };
mixxxFreeBin = pkgs.writeShellScriptBin "mixxx-free"
"${pkgs.mixxx}/bin/mixxx --settingsPath ${config.users.users.mainUser.home}/music-library-free/mixxx";
mixxxFreeDesktop = library.desktopFile mixxxFreeBin { longName = "Mixxx"; };
in {
system.custom.audio = {
enable = true;
sinks = [{
name = "movieLimiterSink";
queue = [
{
# compress all sounds
plugin = "dyson_compress_1403";
label = "dysonCompress";
control = [
"0" # peak limit (dB)
"1" # release time (secons)
"0.2" # fast compression ration (unknown what that means)
"0.8" # compression ratio
];
}
{
# limit sound
plugin = "fast_lookahead_limiter_1913";
label = "fastLookaheadLimiter";
control = [
"20" # input gain (db)
"-10" # limit (db)
"1.1" # release time (s)
];
}
{
# avoid deep sounds
plugin = "dj_eq_1901";
label = "dj_eq";
control = [
"-9" # low gain (db) (100Hz)
"0" # mid gain (db) (1000Hz)
"0" # high gain (db) (10000Hz)
];
}
];
}];
};
programs.custom = {
easytag.enable = true;
espeak.enable = true;
};
environment.systemPackages = with pkgs; [
audacious
sox
id3v2
mixxxBin
mixxxDesktop
mixxxFreeBin
mixxxFreeDesktop
];
}

57
nixos/system/desktop/browser.nix Normal file
View file

@ -0,0 +1,57 @@
{ config, lib, ... }:
let
backupFolder = "~/desktop";
homeFolder = "/browsers";
in {
programs.custom.browser = {
enable = lib.mkDefault true;
configList = {
development = {
home = "${homeFolder}/development-browser";
homeBackup = "${backupFolder}/development-browser";
gpu = false;
};
google = {
home = "${homeFolder}/google-browser";
homeBackup = "${backupFolder}/google-browser";
gpu = true;
};
finance = {
home = "${homeFolder}/finance-browser";
homeBackup = "${backupFolder}/finance-browser";
gpu = false;
};
facebook = {
home = "${homeFolder}/facebook-browser";
homeBackup = "${backupFolder}/facebook-browser";
gpu = false;
};
shopping = {
home = "${homeFolder}/shopping-browser";
homeBackup = "${backupFolder}/shopping-browser";
gpu = false;
};
firefox-tmp = {
browserType = "firefox";
home = "${homeFolder}/firefox-tmp";
homeBackup = "${backupFolder}/firefox-tmp-browser";
gpu = false;
};
chromium-tmp = {
browserType = "chrome";
home = "${homeFolder}/chromium-tmp";
homeBackup = "${backupFolder}/chrome-tmp-browser";
gpu = false;
};
google-tmp = {
browserType = "google";
home = "${homeFolder}/google-tmp";
homeBackup = "${backupFolder}google-tmp-browser";
gpu = false;
};
};
};
}

13
nixos/system/desktop/cachix.nix Normal file
View file

@ -0,0 +1,13 @@
# WARN: this file will get overwritten by $ cachix use <name>
{ pkgs, lib, ... }:
let
folder = ./cachix;
toImport = name: value: folder + ("/" + name);
filterCaches = key: value: value == "regular" && lib.hasSuffix ".nix" key;
imports = lib.mapAttrsToList toImport
(lib.filterAttrs filterCaches (builtins.readDir folder));
in {
inherit imports;
nix.binaryCaches = [ "https://cache.nixos.org/" ];
}

8
nixos/system/desktop/cachix/all-hies.nix Normal file
View file

@ -0,0 +1,8 @@
{
nix = {
binaryCaches = [ "https://all-hies.cachix.org" ];
binaryCachePublicKeys =
[ "all-hies.cachix.org-1:JjrzAOEUsD9ZMt8fdFbzo3jNAyEWlPAwdVuHw4RD43k=" ];
};
}

80
nixos/system/desktop/default.nix Normal file
View file

@ -0,0 +1,80 @@
{ config, pkgs, lib, ... }: {
imports = [
../all
#./icecast.nix
./audio.nix
./browser.nix
./cachix.nix
./direnv.nix
./dnsmasq.nix
./home-manager.nix
./mail-stuff.nix
#./mc.nix
./network.nix
./packages.nix
./pass.nix
./remote-install.nix
./size.nix
./sshd.nix
./suspend.nix
./user.nix
./x11.nix
./xlock.nix
./yubikey.nix
./wtf.nix
];
system.custom.suspend.enable = lib.mkDefault true;
backup.dirs =
[ "/home/palo/.password-store" "/home/palo/.task" "/home/palo/.vit" ];
programs.custom = {
urxvt = {
enable = true;
colorTheme = "light";
};
xterm = {
enable = true;
colorTheme = "light";
};
shellTools.enable = true;
taskwarrior.enable = true;
curlScripts.enable = true;
git.enable = true;
citate.enable = true;
vim.enable = true;
};
services.urxvtd.enable = true;
system.custom.bluetooth.enable = true;
# temperature / power consumption
# https://linrunner.de/en/tlp/docs/tlp-linux-advanced-power-management.html
# todo fix this
#services.tlp.enable = false;
#services.thermald.enable = false;
# fucks up usb mouse
#powerManagement.powertop.enable = true;
# overwrite use zram on small RAM systems
fileSystems."/share" = lib.mkDefault {
device = "tmpfs";
fsType = "tmpfs";
};
# overwrite use zram on small RAM systems
fileSystems."/browsers" = lib.mkDefault {
device = "tmpfs";
fsType = "tmpfs";
};
}

14
nixos/system/desktop/direnv.nix Normal file
View file

@ -0,0 +1,14 @@
{ config, pkgs, ... }: {
environment.systemPackages = [ pkgs.direnv ];
home-manager.users.mainUser.programs.direnv.enable = true;
programs.zsh.interactiveShellInit = ''
eval "$(${pkgs.direnv}/bin/direnv hook zsh)"
'';
programs.bash.interactiveShellInit = ''
eval "$(${pkgs.direnv}/bin/direnv hook bash)"
'';
}

14
nixos/system/desktop/dnsmasq.nix Normal file
View file

@ -0,0 +1,14 @@
{ config, lib, pkgs, ... }:
with lib;
{
services.dnsmasq = {
enable = mkDefault true;
extraConfig = ''
${concatStringsSep "\n"
(flip mapAttrsToList config.module.cluster.services.tinc."private".hosts
(name: attrs: "address=/.${name}.private/${attrs.tincIp}"))}
'';
};
}

264
nixos/system/desktop/home-manager.nix Normal file
View file

@ -0,0 +1,264 @@
{ pkgs, lib, config, ... }:
with lib;
let
xmodmapConfig = pkgs.writeText "xmodmap" ''
!
! Swap Caps_Lock and Control_L
!
! replace capslock keys with Escape Keys
! remove Lock = Caps_Lock
clear Lock
add Lock = Scroll_Lock
keysym Caps_Lock = Escape
! Set Right function Key to Windows-key
keycode 135 = Super_R NoSymbol Super_R NoSymbol Super_R
! Map umlauts to RIGHT ALT + <key>
keycode 108 = Mode_switch
keysym e = e E EuroSign
keysym c = c C cent
keysym a = a A adiaeresis Adiaeresis
keysym o = o O odiaeresis Odiaeresis
keysym u = u U udiaeresis Udiaeresis
keysym s = s S ssharp
'';
in {
imports = [
./home-manager/dunst.nix
#./home-manager/spacemacs.nix
./home-manager/doom-emacs.nix
./home-manager/ssh.nix
./home-manager/xmonad.nix
];
# don't run autoload -U compinit && compinit before ~/.zshrc
programs.zsh.enableGlobalCompInit = lib.mkForce false;
home-manager.users.mainUser = {
home.file.".config/bugwarrior/bugwarriorrc".text = ''
[general]
targets = terranix
static_fields = priority
log.level = INFO
[terranix]
service = github
github.login = mrVanDalo
github.token = @oracle:eval:${pkgs.pass}/bin/pass development/github/mrVanDalo/bugwarriorAccessToken
github.username = mrVanDalo
github.default_priority =
github.description_template = {{githubtitle}} {{githuburl}}
github.add_tags = github
github.project_name = terranix
github.involved_issues = True
github.query = org:terranix is:open
github.include_user_issues = False
github.include_user_repos = False
'';
home.file.".zshrc".text = ''
# a fix for https://github.com/NixOS/nixpkgs/issues/27587
autoload -U compinit && compinit
'';
programs.git = {
enable = true;
userName = "Ingolf Wagner";
userEmail = "contact@ingolf-wagner.de";
signing = {
key = "42AC51C9482D0834CF488AF1389EC2D64AC71EAC";
signByDefault = true;
};
ignores = [ "*.swp" "*~" ".idea" ".*penis.*" ];
extraConfig = {
init.defaultBranch = "main";
pull.ff = "only";
};
};
programs.gpg = {
enable = true;
settings = {
auto-key-locate = "local";
keyid-format = "long";
utf8-strings = "";
verbose = "";
with-fingerprint = "";
keyserver = "keyserver.ubuntu.com";
personal-digest-preferences = "SHA512";
cert-digest-algo = "SHA512";
default-preference-list =
"SHA512 SHA384 SHA256 SHA224 AES256 AES192 AES CAST5 ZLIB BZIP2 ZIP Uncompressed";
};
};
programs.htop = {
enable = true;
settings.highlight_base_name = true;
settings.tree_view = true;
};
xdg.configFile."albert/albert.conf".text = ''
[General]
hotkey=Meta+Space
showTray=false
telemetry=false
terminal=urxvt -e
[org.albert.extension.applications]
enabled=true
fuzzy=true
use_generic_name=true
use_keywords=true
[org.albert.extension.calculator]
enabled=true
[org.albert.extension.hashgenerator]
enabled=true
[org.albert.frontend.widgetboxmodel]
alwaysOnTop=true
clearOnHide=false
displayIcons=true
displayScrollbar=false
displayShadow=false
hideOnClose=false
hideOnFocusLoss=true
itemCount=5
showCentered=true
theme=SolarizedBrightViolet
'';
xdg.configFile."Code/User/settings.json".text = builtins.toJSON {
"keyboard.dispatch" = "keyCode";
"explorer.confirmDragAndDrop" = false;
"editor.tabSize" = 2;
"window.zoomLevel" = -1;
"git.enableSmartCommit" = true;
"files.autoSave" = "onFocusChange";
"terminal.integrated.setLocaleVariables" = true;
"terminal.external.linuxExec" = "xterm";
"explorer.confirmDelete" = false;
"todo-tree.tags" = [ "todo" "TODO" "fixme" "FIXME" ];
"workbench.colorTheme" = "Solarized Light";
};
xdg.configFile."mimeapps.list".text = ''
[Default Applications]
text/html=browser-select.desktop
x-scheme-handler/http=browser-select.desktop
x-scheme-handler/https=browser-select.desktop
x-scheme-handler/about=browser-select.desktop
x-scheme-handler/mailto=thunderbird.desktop;
x-scheme-handler/unknown=browser-select.desktop
image/png=sxiv.desktop
image/jpeg=sxiv.desktop
'';
home.file.".xprofile".text = ''
# load keyboard mappings
${pkgs.xorg.xmodmap}/bin/xmodmap ${xmodmapConfig}
# to allow sudo commands to access X
# todo : only allow the browsers and rambox access
${pkgs.xorg.xhost}/bin/xhost +
# no shitty pcspkr crap
${pkgs.xorg.xset}/bin/xset -b
# no sleeping monitor
${pkgs.xorg.xset}/bin/xset -dpms
${pkgs.xorg.xset}/bin/xset s off
${pkgs.flameshot}/bin/flameshot &
# cleanup xmonad
rm -f ~/.xmonad/xmonad.state
'';
xdg.configFile."khal/config".text = ''
[calendars]
[[local_calendar]]
path = ~/.calendars/*
type = discover
[locale]
timeformat = %H:%M
dateformat = %Y-%m-%d
longdateformat = %Y-%m-%d
datetimeformat = %Y-%m-%d %H:%M
longdatetimeformat = %Y-%m-%d %H:%M
'';
xdg.configFile."vdirsyncer/config".text = ''
[general]
# A folder where vdirsyncer can store some metadata about each pair.
status_path = "~/.vdirsyncer/status/"
# CALDAV
[pair my_calendar]
a = "nextcloud_calendar"
b = "local_calendar"
collections = ["from a", "from b"]
[storage nextcloud_calendar]
type = "caldav"
url = "https://nextcloud.ingolf-wagner.de/"
username = "palo"
password.fetch = ["command", "${pkgs.pass}/bin/pass", "home/nextcloud/vdirsyncer/password"]
[storage local_calendar]
type = "filesystem"
path = "~/.calendars/"
fileext = ".ics"
'';
};
environment.systemPackages = let
library = import ../../library { inherit pkgs lib; };
fixKeyboard = pkgs.writeScriptBin "fix-Keyboard" # sh
''
${pkgs.xorg.xmodmap}/bin/xmodmap ${xmodmapConfig}
'';
fixXhost = pkgs.writeScriptBin "fix-xhost" # sh
''
${pkgs.xorg.xhost}/bin/xhost + &> /dev/null
'';
fixX = pkgs.writeScriptBin "fix-X" # sh
''
${fixKeyboard}/bin/fix-Keyboard
for file in `ls ~/.screenlayout`
do
echo $file
~/.screenlayout/$file &> /dev/null
RETURN_CODE=$?
if [[ $RETURN_CODE -eq 0 ]]
then
exit 0;
fi
done
'';
in [
fixX
fixXhost
(library.desktopFile fixX { longName = "fix X"; })
fixKeyboard
(library.desktopFile fixKeyboard { longName = "fix keyboard"; })
];
}

11
nixos/system/desktop/home-manager/doom-emacs.nix Normal file
View file

@ -0,0 +1,11 @@
{ pkgs, ... }: {
home-manager.users.mainUser = {
programs.doom-emacs = {
enable = true;
doomPrivateDir = ./doom.d;
};
};
environment.systemPackages = [
pkgs.ripgrep
];
}

20
nixos/system/desktop/home-manager/doom.d/config.el Normal file
View file

@ -0,0 +1,20 @@
;; configure theme
(setq doom-theme 'doom-solarized-light)
; dotspacemacs-default-font '("Terminus"
; :size ${toString fontSize}
; :weight normal
; :width normal
; :powerline-scale 1.1)
;; "monospace" means use the system default. However, the default is usually two
;; points larger than I'd like, so I specify size 12 here.
;(setq doom-font (font-spec :family "JetBrainsMono" :size 12 :weight 'light)
; doom-variable-pitch-font (font-spec :family "Noto Serif" :size 13)
; ivy-posframe-font (font-spec :family "JetBrainsMono" :size 15))
(setq doom-font (font-spec :family "Terminus" :size 12 :weight 'light)
;doom-variable-pitch-font (font-spec :family "Noto Serif" :size 13)
;ivy-posframe-font (font-spec :family "JetBrainsMono" :size 15)
)

187
nixos/system/desktop/home-manager/doom.d/init.el Normal file
View file

@ -0,0 +1,187 @@
;;; init.el -*- lexical-binding: t; -*-
;; This file controls what Doom modules are enabled and what order they load
;; in. Remember to run 'doom sync' after modifying it!
;; NOTE Press 'SPC h d h' (or 'C-h d h' for non-vim users) to access Doom's
;; documentation. There you'll find a "Module Index" link where you'll find
;; a comprehensive list of Doom's modules and what flags they support.
;; NOTE Move your cursor over a module's name (or its flags) and press 'K' (or
;; 'C-c c k' for non-vim users) to view its documentation. This works on
;; flags as well (those symbols that start with a plus).
;;
;; Alternatively, press 'gd' (or 'C-c c d') on a module to browse its
;; directory (for easy access to its source code).
(doom! :input
;;chinese
;;japanese
;;layout ; auie,ctsrnm is the superior home row
:completion
company ; the ultimate code completion backend
;;helm ; the *other* search engine for love and life
;;ido ; the other *other* search engine...
ivy ; a search engine for love and life
:ui
;;deft ; notational velocity for Emacs
doom ; what makes DOOM look the way it does
doom-dashboard ; a nifty splash screen for Emacs
doom-quit ; DOOM quit-message prompts when you quit Emacs
;;(emoji +unicode) ; 🙂
hl-todo ; highlight TODO/FIXME/NOTE/DEPRECATED/HACK/REVIEW
;;hydra
;;indent-guides ; highlighted indent columns
;;ligatures ; ligatures and symbols to make your code pretty again
;;minimap ; show a map of the code on the side
modeline ; snazzy, Atom-inspired modeline, plus API
;;nav-flash ; blink cursor line after big motions
;;neotree ; a project drawer, like NERDTree for vim
ophints ; highlight the region an operation acts on
(popup +defaults) ; tame sudden yet inevitable temporary windows
;;tabs ; a tab bar for Emacs
;;treemacs ; a project drawer, like neotree but cooler
;;unicode ; extended unicode support for various languages
vc-gutter ; vcs diff in the fringe
vi-tilde-fringe ; fringe tildes to mark beyond EOB
;;window-select ; visually switch windows
workspaces ; tab emulation, persistence & separate workspaces
;;zen ; distraction-free coding or writing
:editor
(evil +everywhere); come to the dark side, we have cookies
file-templates ; auto-snippets for empty files
fold ; (nigh) universal code folding
;;(format +onsave) ; automated prettiness
;;god ; run Emacs commands without modifier keys
;;lispy ; vim for lisp, for people who don't like vim
;;multiple-cursors ; editing in many places at once
;;objed ; text object editing for the innocent
;;parinfer ; turn lisp into python, sort of
;;rotate-text ; cycle region at point between text candidates
snippets ; my elves. They type so I don't have to
;;word-wrap ; soft wrapping with language-aware indent
:emacs
dired ; making dired pretty [functional]
electric ; smarter, keyword-based electric-indent
;;ibuffer ; interactive buffer management
undo ; persistent, smarter undo for your inevitable mistakes
vc ; version-control and Emacs, sitting in a tree
:term
;;eshell ; the elisp shell that works everywhere
;;shell ; simple shell REPL for Emacs
;;term ; basic terminal emulator for Emacs
;;vterm ; the best terminal emulation in Emacs
:checkers
syntax ; tasing you for every semicolon you forget
;;(spell +flyspell) ; tasing you for misspelling mispelling
;;grammar ; tasing grammar mistake every you make
:tools
;;ansible
;;debugger ; FIXME stepping through code, to help you add bugs
;;direnv
;;docker
;;editorconfig ; let someone else argue about tabs vs spaces
;;ein ; tame Jupyter notebooks with emacs
(eval +overlay) ; run code, run (also, repls)
;;gist ; interacting with github gists
lookup ; navigate your code and its documentation
;;lsp ; M-x vscode
magit ; a git porcelain for Emacs
;;make ; run make tasks from Emacs
;;pass ; password manager for nerds
;;pdf ; pdf enhancements
;;prodigy ; FIXME managing external services & code builders
;;rgb ; creating color strings
;;taskrunner ; taskrunner for all your projects
;;terraform ; infrastructure as code
;;tmux ; an API for interacting with tmux
;;upload ; map local to remote projects via ssh/ftp
:os
(:if IS-MAC macos) ; improve compatibility with macOS
;;tty ; improve the terminal Emacs experience
:lang
;;agda ; types of types of types of types...
;;beancount ; mind the GAAP
;;cc ; C > C++ == 1
;;clojure ; java with a lisp
;;common-lisp ; if you've seen one lisp, you've seen them all
;;coq ; proofs-as-programs
;;crystal ; ruby at the speed of c
;;csharp ; unity, .NET, and mono shenanigans
;;data ; config/data formats
;;(dart +flutter) ; paint ui and not much else
;;elixir ; erlang done right
;;elm ; care for a cup of TEA?
emacs-lisp ; drown in parentheses
;;erlang ; an elegant language for a more civilized age
;;ess ; emacs speaks statistics
;;factor
;;faust ; dsp, but you get to keep your soul
;;fsharp ; ML stands for Microsoft's Language
;;fstar ; (dependent) types and (monadic) effects and Z3
;;gdscript ; the language you waited for
;;(go +lsp) ; the hipster dialect
;;(haskell +dante) ; a language that's lazier than I am
;;hy ; readability of scheme w/ speed of python
;;idris ; a language you can depend on
;;json ; At least it ain't XML
;;(java +meghanada) ; the poster child for carpal tunnel syndrome
;;javascript ; all(hope(abandon(ye(who(enter(here))))))
;;julia ; a better, faster MATLAB
;;kotlin ; a better, slicker Java(Script)
;;latex ; writing papers in Emacs has never been so fun
;;lean ; for folks with too much to prove
;;ledger ; be audit you can be
;;lua ; one-based indices? one-based indices
markdown ; writing docs for people to ignore
;;nim ; python + lisp at the speed of c
nix ; I hereby declare "nix geht mehr!"
;;ocaml ; an objective camel
org ; organize your plain life in plain text
;;php ; perl's insecure younger brother
;;plantuml ; diagrams for confusing people more
;;purescript ; javascript, but functional
;;python ; beautiful is better than ugly
;;qt ; the 'cutest' gui framework ever
;;racket ; a DSL for DSLs
;;raku ; the artist formerly known as perl6
;;rest ; Emacs as a REST client
;;rst ; ReST in peace
;;(ruby +rails) ; 1.step {|i| p "Ruby is #{i.even? ? 'love' : 'life'}"}
;;rust ; Fe2O3.unwrap().unwrap().unwrap().unwrap()
;;scala ; java, but good
;;(scheme +guile) ; a fully conniving family of lisps
sh ; she sells {ba,z,fi}sh shells on the C xor
;;sml
;;solidity ; do you need a blockchain? No.
;;swift ; who asked for emoji variables?
;;terra ; Earth and Moon in alignment for performance.
;;web ; the tubes
;;yaml ; JSON, but readable
;;zig ; C, but simpler
:email
;;(mu4e +gmail)
;;notmuch
;;(wanderlust +gmail)
:app
;;calendar
;;emms
;;everywhere ; *leave* Emacs!? You must be joking
;;irc ; how neckbeards socialize
;;(rss +org) ; emacs as an RSS reader
;;twitter ; twitter client https://twitter.com/vnought
:config
;;literate
(default +bindings +smartparens))

0
nixos/system/desktop/home-manager/doom.d/packages.el Normal file
View file

264
nixos/system/desktop/home-manager/dunst.nix Normal file
View file

@ -0,0 +1,264 @@
{ pkgs, ... }: {
home-manager.users.mainUser = {
services.dunst = {
enable = true;
settings = {
global = {
font = "Iosevka Term 11";
# Allow a small subset of html markup:
# <b>bold</b>
# <i>italic</i>
# <s>strikethrough</s>
# <u>underline</u>
#
# For a complete reference see
# <http://developer.gnome.org/pango/stable/PangoMarkupFormat.html>.
# If markup is not allowed, those tags will be stripped out of the
# message.
markup = "yes";
plain_text = "no";
# The format of the message. Possible variables are:
# %a appname
# %s summary
# %b body
# %i iconname (including its path)
# %I iconname (without its path)
# %p progress value if set ([ 0%] to [100%]) or nothing
# Markup is allowed
format = ''
%a
<b>%s</b>
%b'';
# Sort messages by urgency.
sort = "yes";
# Show how many messages are currently hidden (because of geometry).
indicate_hidden = "yes";
# Alignment of message text.
# Possible values are "left", "center" and "right".
alignment = "center";
# The frequency with wich text that is longer than the notification
# window allows bounces back and forth.
# This option conflicts with "word_wrap".
# Set to 0 to disable.
bounce_freq = 0;
# Show age of message if message is older than show_age_threshold
# seconds.
# Set to -1 to disable.
show_age_threshold = 1;
# Split notifications into multiple lines if they don't fit into
# geometry.
word_wrap = "yes";
# Ignore newlines '\n' in notifications.
ignore_newline = "no";
# Hide duplicate's count and stack them
stack_duplicates = "yes";
hide_duplicates_count = "no";
# The geometry of the window:
# [{width}]x{height}[+/-{x}+/-{y}]
# The geometry of the message window.
# The height is measured in number of notifications everything else
# in pixels. If the width is omitted but the height is given
# ("-geometry x2"), the message window expands over the whole screen
# (dmenu-like). If width is 0, the window expands to the longest
# message displayed. A positive x is measured from the left, a
# negative from the right side of the screen. Y is measured from
# the top and down respectevly.
# The width can be negative. In this case the actual width is the
# screen width minus the width defined in within the geometry option.
geometry = "500x10-0+0";
# Shrink window if it's smaller than the width. Will be ignored if
# width is 0.
shrink = "no";
# Don't remove messages, if the user is idle (no mouse or keyboard input)
# for longer than idle_threshold seconds.
# Set to 0 to disable.
idle_threshold = 0;
# The transparency of the window. Range: [0; 100].
# This option will only work if a compositing windowmanager is
# present (e.g. xcompmgr, compiz, etc.).
# transparency = 5
# Which monitor should the notifications be displayed on.
#monitor = keyboard
# Display notification on focused monitor. Possible modes are:
# mouse: follow mouse pointer
# keyboard: follow window with keyboard focus
# none: don't follow anything
#
# "keyboard" needs a windowmanager that exports the
# _NET_ACTIVE_WINDOW property.
# This should be the case for almost all modern windowmanagers.
#
# If this option is set to mouse or keyboard, the monitor option
# will be ignored.
follow = "none";
# Should a notification popped up from history be sticky or timeout
# as if it would normally do.
sticky_history = "yes";
# Maximum amount of notifications kept in history
history_length = 15;
# Display indicators for URLs (U) and actions (A).
show_indicators = "no";
# The height of a single line. If the height is smaller than the
# font height, it will get raised to the font height.
# This adds empty space above and under the text.
line_height = 3;
# Draw a line of "separatpr_height" pixel height between two
# notifications.
# Set to 0 to disable.
separator_height = 1;
# Padding between text and separator.
padding = 1;
# Horizontal padding.
horizontal_padding = 1;
# Define a color for the separator.
# possible values are:
# * auto: dunst tries to find a color fitting to the background;
# * foreground: use the same color as the foreground;
# * frame: use the same color as the frame;
# * anything else will be interpreted as a X color.
separator_color = "frame";
# Print a notification on startup.
# This is mainly for error detection, since dbus (re-)starts dunst
# automatically after a crash.
startup_notification = true;
# dmenu path.
dmenu = "${pkgs.dmenu}/bin/dmenu -p dunst:";
# Browser for opening urls in context menu.
# browser = /usr/bin/firefox -new-tab
# Align icons left/right/off
icon_position = "off";
max_icon_size = 80;
frame_width = 2;
frame_color = "#8EC07C";
};
shortcuts = {
# Shortcuts are specified as [modifier+][modifier+]...key
# Available modifiers are "ctrl", "mod1" (the alt-key), "mod2",
# "mod3" and "mod4" (windows-key).
# Xev might be helpful to find names for keys.
# Close notification.
close = "ctrl+space";
# Close all notifications.
close_all = "ctrl+shift+space";
# Redisplay last message(s).
# On the US keyboard layout "grave" is normally above TAB and left
# of "1".
#history = "ctrl+grave";
# Context menu.
context = "mod4+u";
};
urgency_low = {
frame_color = "#268bd2";
foreground = "#002b36";
background = "#fdf6e3";
#timeout = 1;
};
urgency_normal = {
frame_color = "#b58900";
foreground = "#002b36";
background = "#fdf6e3";
#timeout = 1;
};
urgency_critical = {
frame_color = "#dc322f";
foreground = "#002b36";
background = "#fdf6e3";
#timeout = 1;
};
};
# Every section that isn't one of the above is interpreted as a rules to
# override settings for certain messages.
# Messages can be matched by "appname", "summary", "body", "icon", "category",
# "msg_urgency" and you can override the "timeout", "urgency", "foreground",
# "background", "new_icon" and "format".
# Shell-like globbing will get expanded.
#
# SCRIPTING
# You can specify a script that gets run when the rule matches by
# setting the "script" option.
# The script will be called as follows:
# script appname summary body icon urgency
# where urgency can be "LOW", "NORMAL" or "CRITICAL".
#
# NOTE: if you don't want a notification to be displayed, set the format
# to "".
# NOTE: It might be helpful to run dunst -print in a terminal in order
# to find fitting options for rules.
#[espeak]
# summary = "*"
# script = dunst_espeak.sh
#[script-test]
# summary = "*script*"
# script = dunst_test.sh
#[ignore]
# # This notification will not be displayed
# summary = "foobar"
# format = ""
#[signed_on]
# appname = Pidgin
# summary = "*signed on*"
# urgency = low
#
#[signed_off]
# appname = Pidgin
# summary = *signed off*
# urgency = low
#
#[says]
# appname = Pidgin
# summary = *says*
# urgency = critical
#
#[twitter]
# appname = Pidgin
# summary = *twitter.com*
# urgency = normal
#
# vim: ft=cfg
};
};
}

259
nixos/system/desktop/home-manager/spacemacs.nix Normal file
View file

@ -0,0 +1,259 @@
{ pkgs, lib, config, ... }:
let
user = "mainUser";
userName = config.users.users.mainUser.name;
home = config.users.users.mainUser.home;
fontSize = config.programs.custom.urxvt.fontSize;
startupBanner = pkgs.fetchurl {
url =
"https://github.com/NixOS/nixos-homepage/raw/master/logo/nix-wiki.png";
sha256 = "1hrz7wr7i0b2bips60ygacbkmdzv466lsbxi22hycg42kv4m0173";
};
ticks = "\"''\"";
in {
environment.systemPackages = [
# needed for the SPC p g
pkgs.universal-ctags
pkgs.nodePackages.tern
pkgs.emacs
];
# download git repositories into the home folder
systemd.services = let
clone = repository: folder: branch: {
enable = true;
wantedBy = [ "multi-user.target" ];
description = "clone ${repository} to ${folder}";
serviceConfig.User = userName;
unitConfig.ConditionPathExists = "!${folder}";
script = ''
${pkgs.git}/bin/git clone ${repository} --branch ${branch} ${folder}
'';
};
in {
spacemacs-pull =
clone "https://github.com/syl20bnr/spacemacs" "${home}/.emacs.d" "master";
# todo move this to spacevim.nix
spacevim-pull =
clone "https://github.com/SpaceVim/SpaceVim.git" "${home}/.SpaceVim"
"master";
};
home-manager.users."${user}" = {
# a file which needs to be included at the end
home.file.".spacemacs.d/hook-init.el".text = ''
;; -*- mode: emacs-lisp -*-
;; just add (load "~/.spacemacs.d/hook-init.el") in your dotspacemacs/init function
;; overrides of dotspacemacs/init ()
(setq
;; List of themes, the first of the list is loaded when spacemacs starts.
;; Press <SPC> T n to cycle to the next theme in the list (works great
;; with 2 themes variants, one dark and one lixft:inconsolata:pixelsizeght)
dotspacemacs-themes '(solarized-light solarized-dark)
;; Specify the startup banner. Default value is `official', it displays
;; the official spacemacs logo. An integer value is the index of text
;; banner, `random' chooses a random text banner in `core/banners'
;; directory. A string value must be a path to an image format supported
;; by your Emacs build.
;; If the value is nil then no banner is displayed. (default 'official)
dotspacemacs-startup-banner "${startupBanner}"
;; Default font, or prioritized list of fonts. `powerline-scale' allows to
;; quickly tweak the mode-line size to make separators look not too crappy.
dotspacemacs-default-font '("Terminus"
:size ${toString fontSize}
:weight normal
:width normal
:powerline-scale 1.1)
) ;; eof
'';
home.file.".spacemacs.d/hook-layers.el".text = ''
;; -*- mode: emacs-lisp -*-
;; just add (load "~/.spacemacs.d/hook-layers.el") in your dotspacemacs/layers function
(let
((user-layers dotspacemacs-configuration-layers))
(setq
dotspacemacs-configuration-layers
(append user-layers
'( python
ansible
rust
windows-scripts
javascript
typescript
html
yaml
auto-completion
git
markdown
restclient
emacs-lisp
nixos
spell-checking
syntax-checking
systemd
lua
terraform
graphviz
c-c++
;; (haskell :variables
;; haskell-enable-hindent t
;; haskell-completion-backend 'lsp
;; haskell-enable-hindent-style "gibiansky"
;; haskell-process-type 'cabal-new-repl)
))))
(let
((user-packages dotspacemacs-additional-packages ))
(setq
dotspacemacs-additional-packages
(append user-packages
'(
;; lsp-mode
;; lsp-ui
;; lsp-haskell
direnv
))))
'';
# a file which needs to be included at the end
home.file.".spacemacs.d/hook-user-config.el".text = ''
;; -*- mode: emacs-lisp -*-
;; just add (load "~/.spacemacs.d/hook-user-config.el") in your dotspacemacs/user-config function
;; turn of smartparens mode off globally
;; https://github.com/Fuco1/smartparens
;;(spacemacs/toggle-smartparens-globally-off)
;;(remove-hook 'prog-mode-hook #'smartparens-mode)
(setq powerline-default-separator 'nil)
(let ((n 2))
(setq coffee-tab-width n)
(setq javascript-indent-level n)
(setq js-indent-level n)
(setq js2-basic-offset n)
(setq web-mode-markup-indent-offset n)
(setq web-mode-css-indent-offset n)
(setq web-mode-code-indent-offset n)
(setq css-indent-offset n))
;; configure indent function correctly
(add-hook 'nix-mode-hook
'(lambda ()
(setq indent-tabs-mode nil)
(setq tab-width 2)
(setq indent-line-function (quote nix-indent-line))))
;; lsp setup for haskell
;; hie-wrapper must be configured in the direnv setup
;; make sure cabal update was executed once on the machine
;; (setq lsp-haskell-process-path-hie "hie-wrapper")
;; (setq lsp-response-timeout 60)
;; (require 'lsp-haskell)
;; (add-hook 'haskell-mode-hook #'lsp)
(add-hook 'haskell-mode-hook #'direnv-update-environment)
;; setup run-assoc
;; in dired mode use C-<RETURN> to open file in associated program
(load "~/.spacemacs.d/run-assoc.el")
(setq associated-program-alist
'(
("${pkgs.evince}/bin/evince" "\\.pdf$")
("${pkgs.libreoffice}/bin/libreoffice" "\\.odt$")
("${pkgs.libreoffice}/bin/libreoffice" "\\.ods$")
${
let
suffixes = [ "jpg" "jpeg" "png" ];
rule = suffix: ''("${pkgs.sxiv}/bin/sxiv" "\\.${suffix}$")'';
in lib.concatStringsSep "\n " (builtins.map rule suffixes)
}
${
let
suffixes = [ "mp4" "mkv" "avi" ];
rule = suffix: ''("${pkgs.mpv}/bin/mpv" "\\.${suffix}$")'';
in lib.concatStringsSep "\n " (builtins.map rule suffixes)
}
)
)
'';
home.file.".spacemacs.d/run-assoc.el".source = pkgs.fetchurl {
url = "https://www.emacswiki.org/emacs/download/run-assoc.el";
sha256 = "1rg0pa09zfslgqnhbqvaa6vdi2fmanrpyzq67ppiin0h1kdgs4im";
};
home.file.".ctags.d/terraform.ctags".text = ''
--langdef=terraform
--langmap=terraform:.tf.tfvars
--regex-terraform=/^[[:space:]]*resource[[:space:]]*"([^"]*)"[[:space:]]*"([^"]*)"/\1.\2/r,Resource/
--regex-terraform=/^[[:space:]]*data[[:space:]]*"([^"]*)"[[:space:]]*"([^"]*)"/\1.\2/d,Data/
--regex-terraform=/^[[:space:]]*variable[[:space:]]*"([^"]*)"/\1/v,Variable/
--regex-terraform=/^[[:space:]]*provider[[:space:]]*"([^"]*)"/\1/p,Provider/
--regex-terraform=/^[[:space:]]*module[[:space:]]*"([^"]*)"/\1/m,Module/
--regex-terraform=/^[[:space:]]*output[[:space:]]*"([^"]*)"/\1/o,Output/
--regex-terraform=/^([a-z0-9_]+)[[:space:]]*=/\1/f,TFVar/
'';
home.file.".spacemacs.d/old/polymode.el".text = ''
;; not used at the moment
(define-hostmode poly-nix-hostmode
:mode 'nix-mode)
(define-innermode poly-nix-lisp-metadata-innermode
:mode 'emacs-lisp-mode
:head-matcher (rx "/* lisp */" (one-or-more space) ${ticks} (zero-or-more space) line-end)
:tail-matcher (rx ${ticks} (zero-or-more space) ";" (zero-or-more space) line-end)
:head-mode 'host
:tail-mode 'host)
(define-innermode poly-nix-shell-metadata-innermode
:mode 'shell-script-mode
:head-matcher (rx "/* sh */" (one-or-more space) ${ticks} (zero-or-more space) line-end)
:tail-matcher (rx ${ticks} (zero-or-more space) ";" (zero-or-more space) line-end)
:head-mode 'host
:tail-mode 'host)
(define-innermode poly-nix-python-metadata-innermode
:mode 'python-mode
:head-matcher (rx "/* python */" (one-or-more space) ${ticks} (zero-or-more space) line-end)
:tail-matcher (rx ${ticks} (zero-or-more space) ";" (zero-or-more space) line-end)
:head-mode 'host
:tail-mode 'host)
(define-innermode poly-nix-haskell-metadata-innermode
:mode 'haskell-mode
:head-matcher (rx "/* haskell */" (one-or-more space) ${ticks} (zero-or-more space) line-end)
:tail-matcher (rx ${ticks} (zero-or-more space) ";" (zero-or-more space) line-end)
:head-mode 'host
:tail-mode 'host)
(define-polymode poly-nix-mode
:hostmode 'poly-nix-hostmode
:innermodes '(poly-nix-lisp-metadata-innermode
poly-nix-shell-metadata-innermode
poly-nix-haskell-metadata-innermode
poly-nix-python-metadata-innermode))
;; remove nix-mode from auto load and replace it with poly-nix-mode
(setq auto-mode-alist (rassq-delete-all 'nix-mode auto-mode-alist))
(add-to-list 'auto-mode-alist '("\\.nix\\'" . poly-nix-mode))
'';
};
}

38
nixos/system/desktop/home-manager/spacevim.nix Normal file
View file

@ -0,0 +1,38 @@
{ lib, pkgs, ... }: {
environment.systemPackages = let
spacevimRepo = pkgs.fetchgit {
url = "https://github.com/SpaceVim/SpaceVim.git";
rev = "9b354e05b4716b645ba6366e1265a5048a0c23d5";
sha256 = "1mn28hf857kp0jmbgd89cf5mk4dg53jcbqqrbr9zi3b854sa9ads";
};
vimRc = pkgs.writeText "vimrc" ''
" search/grep case insensitive
:set ignorecase
" tabs should always be 2 spaces
set et ts=2 sts=2 sw=2
" show Trailing Whitespaces
:set list listchars=tab:»·,trail:
" start spacevim
source ${spacevimRepo}/init.vim
" configure command cross
"":hi CursorLine cterm=NONE ctermbg=0 guibg=#073642
"":hi CursorColumn cterm=NONE ctermbg=0 guibg=#073642
""set cursorline
""set cursorcolumn
" disable noisy indentLine
let g:indentLine_enabled = 0
'';
in [
# vim
(pkgs.writers.writeDashBin "spacevim" ''
exec ${pkgs.neovim}/bin/nvim -u ${vimRc} "$@"
'')
];
}

79
nixos/system/desktop/home-manager/ssh.nix Normal file
View file

@ -0,0 +1,79 @@
{ lib, ... }:
with lib; {
home-manager.users.mainUser = {
programs.ssh.enable = true;
programs.ssh.matchBlocks = {
"lassul.us" = {
identityFile = "~/.ssh/card_rsa.pub";
identitiesOnly = true;
user = "download";
port = 45621;
};
"*.r" = {
identityFile = "~/.ssh/card_rsa.pub";
identitiesOnly = true;
user = "root";
};
"*.secret" = {
identityFile = "~/.ssh/card_rsa.pub";
identitiesOnly = true;
user = "root";
};
"*.private" = {
identityFile = "~/.ssh/card_rsa.pub";
identitiesOnly = true;
user = "root";
};
"*.lan" = {
identityFile = "~/.ssh/card_rsa.pub";
identitiesOnly = true;
user = "root";
};
"*.ingolf-wagner.de" = {
identityFile = "~/.ssh/card_rsa.pub";
identitiesOnly = true;
extraOptions.HostKeyAlgorithms = "ssh-rsa";
user = "root";
};
"git.renoise.com" = {
identityFile = "~/.ssh/card_rsa.pub";
identitiesOnly = true;
extraOptions.HostKeyAlgorithms = "ssh-rsa";
};
"*.renoise.com" = {
identityFile = "~/.ssh/card_rsa.pub";
identitiesOnly = true;
};
"*.sononym.net" = {
identityFile = "~/.ssh/card_rsa.pub";
identitiesOnly = true;
};
"github.com" = {
identityFile = "~/.ssh/card_rsa.pub";
identitiesOnly = true;
hostname = "ssh.github.com";
user = "root";
};
"es5.siteground.eu" = {
identityFile = "~/.ssh/card_rsa.pub";
identitiesOnly = true;
user = "ingolfwa";
port = 18765;
};
"bitbucket.org" = {
identityFile = "~/.ssh/card_rsa.pub";
identitiesOnly = true;
};
"static.247.134.201.195.clients.your-server.de" = {
identityFile = "~/.ssh/card_rsa.pub";
identitiesOnly = true;
};
"*.onion" = {
identityFile = "~/.ssh/card_rsa.pub";
identitiesOnly = true;
user = "root";
};
};
};
}

56
nixos/system/desktop/home-manager/xmonad.nix Normal file
View file

@ -0,0 +1,56 @@
{ pkgs, lib, config, ... }:
let
background-repo = pkgs.fetchgit {
url = "https://git.ingolf-wagner.de/palo/image-generator-lib";
rev = "95bc53de0b73917c5571a061a6702c71c9bf173e";
sha256 = "1x14pknv0v38x0g5sf6k25g9w7r7j0mndazq5ixjvybwdynk25kw";
};
nixCommands = { height, width }:
pkgs.writeText "NixCommands.hs" # haskell
''
module NixCommands where
nixStartIrc = "${pkgs.rxvt_unicode}/bin/urxvt -e irc"
nixStartAudacious = "${pkgs.audacious}/bin/audacious"
nixStartFlameshot = "${pkgs.flameshot}/bin/flameshot gui -p /share/"
nixInvertColors = "${pkgs.xcalib}/bin/xcalib -invert -alter"
nixStartRedshift = "${pkgs.redshift}/bin/redshift -O 6100 -g 0.9:0.9:0.9 -b 0.9"
nixResetRedshift = "${pkgs.redshift}/bin/redshift -x"
nixSetCursorImage = "${pkgs.xorg.xsetroot}/bin/xsetroot -cursor_name left_ptr"
nixSetBackground = "${pkgs.polygon-art}/bin/rings --height ${
toString height
} --width ${
toString width
} /dev/shm/background.png && ${pkgs.feh}/bin/feh --bg-scale /dev/shm/background.png"
nixStartAlbert = "${pkgs.albert}/bin/albert"
nixStartCopyq = "${pkgs.copyq}/bin/copyq"
nixShowCopyq = "${pkgs.copyq}/bin/copyq show"
nixStartTerminal = "${pkgs.rxvt_unicode}/bin/urxvtc"
nixAlsaRaiseVolume = "${pkgs.alsaUtils}/bin/amixer set Master 5%+"
nixAlsaLowerVolume = "${pkgs.alsaUtils}/bin/amixer set Master 5%-"
nixAlsaMute = "${pkgs.alsaUtils}/bin/amixer set Master toggle"
nixNotifySend = "${pkgs.libnotify}/bin/notify-send"
'';
in {
home-manager.users.mainUser = {
home.file.".xmonad/xmonad.hs".source = ./xmonad/Main.hs;
home.file.".xmonad/lib/NixCommands.hs".source = nixCommands {
height = config.configuration.desktop.height;
width = config.configuration.desktop.width;
};
home.file.".xmonad/lib/SolarizedLight.hs".source =
./xmonad/SolarizedLight.hs;
home.file.".xmonad/lib/SolarizedDark.hs".source = ./xmonad/SolarizedDark.hs;
home.file.".xmonad/lib/FloatKeys.hs".source = ./xmonad/FloatKeys.hs;
home.file.".xmonad/lib/TabbedFix.hs".source = ./xmonad/TabbedFix.hs;
home.file.".xmonad/lib/BoringWindows.hs".source = ./xmonad/BoringWindows.hs;
home.file.".xmonad/lib/Memo.hs".source = ./xmonad/Memo.hs;
home.file.".xmonad/lib/SubLayouts.hs".source = ./xmonad/SubLayouts.hs;
home.file.".xmonad/xmonad.cabal".source = ./xmonad/palos-xmonad.cabal;
home.file.".xmonad/Main.hs".source = ./xmonad/Main.hs;
};
}

4
nixos/system/desktop/home-manager/xmonad/.envrc Normal file
View file

@ -0,0 +1,4 @@
use nix ./env.nix
use nix ./lsp.nix
use nix ./shell.nix

24
nixos/system/desktop/home-manager/xmonad/.gitignore vendored Normal file
View file

@ -0,0 +1,24 @@
dist
dist-*
cabal-dev
*_flymake.hs
*.o
*.hi
*.hie
*.chi
*.chs.h
*.dyn_o
*.dyn_hi
.hpc
.hsenv
.cabal-sandbox/
cabal.sandbox.config
*.prof
*.aux
*.hp
*.eventlog
.stack-work/
cabal.project.local
cabal.project.local~
.HTF/
.ghc.environment.*

153
nixos/system/desktop/home-manager/xmonad/BoringWindows.hs Normal file
View file

@ -0,0 +1,153 @@
{-# LANGUAGE TypeSynonymInstances, MultiParamTypeClasses, DeriveDataTypeable #-}
{-# LANGUAGE PatternGuards, FlexibleContexts, FlexibleInstances #-}
-- copy because
-- * export IsBoring
-----------------------------------------------------------------------------
-- |
-- Module : XMonad.Layout.BoringWindows
-- Copyright : (c) 2008 David Roundy <droundy@darcs.net>
-- License : BSD3-style (see LICENSE)
--
-- Maintainer : Adam Vogt <vogt.adam@gmail.com>
-- Stability : unstable
-- Portability : unportable
--
-- BoringWindows is an extension to allow windows to be marked boring
--
-----------------------------------------------------------------------------
module BoringWindows (
-- * Usage
-- $usage
boringWindows, boringAuto,
markBoring, clearBoring,
focusUp, focusDown, focusMaster,
UpdateBoring(UpdateBoring),
BoringMessage(Replace,Merge,IsBoring),
BoringWindows()
-- * Tips
-- ** variant of 'Full'
-- $simplest
) where
import XMonad.Layout.LayoutModifier(ModifiedLayout(..),
LayoutModifier(handleMessOrMaybeModifyIt, redoLayout))
import XMonad(Typeable, LayoutClass, Message, X, fromMessage,
sendMessage, windows, withFocused, Window)
import Control.Applicative((<$>))
import Data.List((\\), union)
import Data.Maybe(fromMaybe, listToMaybe, maybeToList)
import qualified Data.Map as M
import qualified XMonad.StackSet as W
-- $usage
-- You can use this module with the following in your
-- @~\/.xmonad\/xmonad.hs@:
--
-- > import XMonad.Layout.BoringWindows
--
-- Then edit your @layoutHook@ by adding the layout modifier:
--
-- > myLayout = boringWindows (Full ||| etc..)
-- > main = xmonad def { layoutHook = myLayout }
--
-- Then to your keybindings, add:
--
-- > , ((modm, xK_j), focusUp)
-- > , ((modm, xK_k), focusDown)
-- > , ((modm, xK_m), focusMaster)
--
-- For more detailed instructions on editing the layoutHook see:
--
-- "XMonad.Doc.Extending#Editing_the_layout_hook"
data BoringMessage = FocusUp | FocusDown | FocusMaster | IsBoring Window | ClearBoring
| Replace String [Window]
| Merge String [Window]
deriving ( Read, Show, Typeable )
instance Message BoringMessage
-- | UpdateBoring is sent before attempting to view another boring window, so
-- that layouts have a chance to mark boring windows.
data UpdateBoring = UpdateBoring
deriving (Typeable)
instance Message UpdateBoring
markBoring, clearBoring, focusUp, focusDown, focusMaster :: X ()
markBoring = withFocused (sendMessage . IsBoring)
clearBoring = sendMessage ClearBoring
focusUp = sendMessage UpdateBoring >> sendMessage FocusUp
focusDown = sendMessage UpdateBoring >> sendMessage FocusDown
focusMaster = sendMessage UpdateBoring >> sendMessage FocusMaster
data BoringWindows a = BoringWindows
{ namedBoring :: M.Map String [a] -- ^ store borings with a specific source
, chosenBoring :: [a] -- ^ user-chosen borings
, hiddenBoring :: Maybe [a] -- ^ maybe mark hidden windows
} deriving (Show,Read,Typeable)
boringWindows :: (LayoutClass l a, Eq a) => l a -> ModifiedLayout BoringWindows l a
boringWindows = ModifiedLayout (BoringWindows M.empty [] Nothing)
-- | Mark windows that are not given rectangles as boring
boringAuto :: (LayoutClass l a, Eq a) => l a -> ModifiedLayout BoringWindows l a
boringAuto = ModifiedLayout (BoringWindows M.empty [] (Just []))
instance LayoutModifier BoringWindows Window where
redoLayout (b@BoringWindows { hiddenBoring = bs }) _r mst arrs = do
let bs' = W.integrate' mst \\ map fst arrs
return (arrs, Just $ b { hiddenBoring = const bs' <$> bs } )
handleMessOrMaybeModifyIt bst@(BoringWindows nbs cbs lbs) m
| Just (Replace k ws) <- fromMessage m
, maybe True (ws/=) (M.lookup k nbs) =
let nnb = if null ws then M.delete k nbs
else M.insert k ws nbs
in rjl bst { namedBoring = nnb }
| Just (Merge k ws) <- fromMessage m
, maybe True (not . null . (ws \\)) (M.lookup k nbs) =
rjl bst { namedBoring = M.insertWith union k ws nbs }
| Just (IsBoring w) <- fromMessage m , w `notElem` cbs =
rjl bst { chosenBoring = w:cbs }
| Just ClearBoring <- fromMessage m, not (null cbs) =
rjl bst { namedBoring = M.empty, chosenBoring = []}
| Just FocusUp <- fromMessage m =
do windows $ W.modify' $ skipBoring W.focusUp'
return Nothing
| Just FocusDown <- fromMessage m =
do windows $ W.modify' $ skipBoring W.focusDown'
return Nothing
| Just FocusMaster <- fromMessage m =
do windows $ W.modify'
$ skipBoring W.focusDown' -- wiggle focus to make sure
. skipBoring W.focusUp' -- no boring window gets the focus
. focusMaster'
return Nothing
where skipBoring f st = fromMaybe st $ listToMaybe
$ filter ((`notElem` W.focus st:bs) . W.focus)
$ take (length $ W.integrate st)
$ iterate f st
bs = concat $ cbs:maybeToList lbs ++ M.elems nbs
rjl = return . Just . Left
handleMessOrMaybeModifyIt _ _ = return Nothing
-- | Variant of 'focusMaster' that works on a
-- 'Stack' rather than an entire 'StackSet'.
focusMaster' :: W.Stack a -> W.Stack a
focusMaster' c@(W.Stack _ [] _) = c
focusMaster' (W.Stack t ls rs) = W.Stack x [] (xs ++ t : rs) where (x:xs) = reverse ls
{- $simplest
An alternative to 'Full' is "XMonad.Layout.Simplest". Less windows are
ignored by 'focusUp' and 'focusDown'. This may be helpful when you want windows
to be uninteresting by some other layout modifier (ex.
"XMonad.Layout.Minimize")
-}

127
nixos/system/desktop/home-manager/xmonad/FloatKeys.hs Normal file
View file

@ -0,0 +1,127 @@
-----------------------------------------------------------------------------
-- |
-- Module : XMonad.Actions.FloatKeys
-- Copyright : (c) Karsten Schoelzel <kuser@gmx.de>
-- License : BSD
--
-- Maintainer : Karsten Schoelzel <kuser@gmx.de>
-- Stability : stable
-- Portability : unportable
--
-- Move and resize floating windows.
-----------------------------------------------------------------------------
module FloatKeys (
-- * Usage
-- $usage
keysMoveWindow,
keysMoveWindowTo,
keysResizeWindow,
keysAbsResizeWindow) where
import XMonad
import Control.Arrow ((***))
-- $usage
-- You can use this module with the following in your @~\/.xmonad\/xmonad.hs@:
--
-- > import XMonad.Actions.FloatKeys
--
-- Then add appropriate key bindings, for example:
--
-- > , ((modm, xK_d ), withFocused (keysResizeWindow (-10,-10) (1,1)))
-- > , ((modm, xK_s ), withFocused (keysResizeWindow (10,10) (1,1)))
-- > , ((modm .|. shiftMask, xK_d ), withFocused (keysAbsResizeWindow (-10,-10) (1024,752)))
-- > , ((modm .|. shiftMask, xK_s ), withFocused (keysAbsResizeWindow (10,10) (1024,752)))
-- > , ((modm, xK_a ), withFocused (keysMoveWindowTo (512,384) (1%2,1%2)))
--
-- For detailed instructions on editing your key bindings, see
-- "XMonad.Doc.Extending#Editing_key_bindings".
-- | @keysMoveWindow (dx, dy)@ moves the window by @dx@ pixels to the
-- right and @dy@ pixels down.
keysMoveWindow :: D -> Window -> X ()
keysMoveWindow (dx,dy) w = whenX (isClient w) $ withDisplay $ \d -> do
io $ raiseWindow d w
wa <- io $ getWindowAttributes d w
io $ moveWindow d w (fromIntegral (fromIntegral (wa_x wa) + dx))
(fromIntegral (fromIntegral (wa_y wa) + dy))
float w
-- | @keysMoveWindowTo (x, y) (gx, gy)@ moves the window relative
-- point @(gx, gy)@ to the point @(x,y)@, where @(gx,gy)@ gives a
-- position relative to the window border, i.e. @gx = 0@ is the left
-- border, @gx = 1@ is the right border, @gy = 0@ is the top border, and
-- @gy = 1@ the bottom border.
--
-- For example, on a 1024x768 screen:
--
-- > keysMoveWindowTo (512,384) (1%2, 1%2) -- center the window on screen
-- > keysMoveWindowTo (1024,0) (1, 0) -- put window in the top right corner
keysMoveWindowTo :: P -> G -> Window -> X ()
keysMoveWindowTo (x,y) (gx, gy) w = whenX (isClient w) $ withDisplay $ \d -> do
io $ raiseWindow d w
wa <- io $ getWindowAttributes d w
io $ moveWindow d w (x - round (gx * fromIntegral (wa_width wa)))
(y - round (gy * fromIntegral (wa_height wa)))
float w
type G = (Rational, Rational)
type P = (Position, Position)
-- | @keysResizeWindow (dx, dy) (gx, gy)@ changes the width by @dx@
-- and the height by @dy@, leaving the window-relative point @(gx,
-- gy)@ fixed.
--
-- For example:
--
-- > keysResizeWindow (10, 0) (0, 0) -- make the window 10 pixels larger to the right
-- > keysResizeWindow (10, 0) (0, 1%2) -- does the same, unless sizeHints are applied
-- > keysResizeWindow (10, 10) (1%2, 1%2) -- add 5 pixels on each side
-- > keysResizeWindow (-10, -10) (0, 1) -- shrink the window in direction of the bottom-left corner
keysResizeWindow :: D -> G -> Window -> X ()
keysResizeWindow = keysMoveResize keysResizeWindow'
-- | @keysAbsResizeWindow (dx, dy) (ax, ay)@ changes the width by @dx@
-- and the height by @dy@, leaving the screen absolute point @(ax,
-- ay)@ fixed.
--
-- For example:
--
-- > keysAbsResizeWindow (10, 10) (0, 0) -- enlarge the window; if it is not in the top-left corner it will also be moved down and to the right.
keysAbsResizeWindow :: D -> D -> Window -> X ()
keysAbsResizeWindow = keysMoveResize keysAbsResizeWindow'
keysAbsResizeWindow' :: SizeHints -> P -> D -> D -> D -> (P,D)
keysAbsResizeWindow' sh (x,y) (w,h) (dx,dy) (ax, ay) = ((round nx, round ny), (nw, nh))
where
(minw, minh) = maybe (10,10) ((***) (max 10) (max 10)) $ sh_min_size sh
(nw, nh) = if w + dx > minw && h + dy > minh then applySizeHintsContents sh (w + dx, h + dy)
else (w, h)
nx :: Rational
nx = fromIntegral (ax * w + nw * (fromIntegral x - ax)) / fromIntegral w
ny :: Rational
ny = fromIntegral (ay * h + nh * (fromIntegral y - ay)) / fromIntegral h
keysResizeWindow' :: SizeHints -> P -> D -> D -> G -> (P,D)
keysResizeWindow' sh (x,y) (w,h) (dx,dy) (gx, gy) = ((nx, ny), (nw, nh))
where
-- Prevent shrinking a window too small and getting one's foot shot
(minw, minh) = maybe (10,10) ((***) (max 10) (max 10)) $ sh_min_size sh
(nw, nh) = if w + dx > minw && h + dy > minh then applySizeHintsContents sh (w + dx, h + dy)
else (w, h)
nx = round $ fromIntegral x + gx * fromIntegral w - gx * fromIntegral nw
ny = round $ fromIntegral y + gy * fromIntegral h - gy * fromIntegral nh
keysMoveResize :: (SizeHints -> P -> D -> a -> b -> (P,D)) -> a -> b -> Window -> X ()
keysMoveResize f move resize w = whenX (isClient w) $ withDisplay $ \d -> do
io $ raiseWindow d w
wa <- io $ getWindowAttributes d w
sh' <- io $ getWMNormalHints d w
let sh = sh' {sh_resize_inc = Nothing, sh_aspect = Nothing}
wa_dim = (fromIntegral $ wa_width wa, fromIntegral $ wa_height wa)
wa_pos = (fromIntegral $ wa_x wa, fromIntegral $ wa_y wa)
(wn_pos, wn_dim) = f sh wa_pos wa_dim move resize
io $ resizeWindow d w `uncurry` wn_dim
io $ moveWindow d w `uncurry` wn_pos
float w

674
nixos/system/desktop/home-manager/xmonad/LICENSE Normal file
View file

@ -0,0 +1,674 @@
GNU GENERAL PUBLIC LICENSE
Version 3, 29 June 2007
Copyright (C) 2007 Free Software Foundation, Inc. <http://fsf.org/>
Everyone is permitted to copy and distribute verbatim copies
of this license document, but changing it is not allowed.
Preamble
The GNU General Public License is a free, copyleft license for
software and other kinds of works.
The licenses for most software and other practical works are designed
to take away your freedom to share and change the works. By contrast,
the GNU General Public License is intended to guarantee your freedom to
share and change all versions of a program--to make sure it remains free
software for all its users. We, the Free Software Foundation, use the
GNU General Public License for most of our software; it applies also to
any other work released this way by its authors. You can apply it to
your programs, too.
When we speak of free software, we are referring to freedom, not
price. Our General Public Licenses are designed to make sure that you
have the freedom to distribute copies of free software (and charge for
them if you wish), that you receive source code or can get it if you
want it, that you can change the software or use pieces of it in new
free programs, and that you know you can do these things.
To protect your rights, we need to prevent others from denying you
these rights or asking you to surrender the rights. Therefore, you have
certain responsibilities if you distribute copies of the software, or if
you modify it: responsibilities to respect the freedom of others.
For example, if you distribute copies of such a program, whether
gratis or for a fee, you must pass on to the recipients the same
freedoms that you received. You must make sure that they, too, receive
or can get the source code. And you must show them these terms so they
know their rights.
Developers that use the GNU GPL protect your rights with two steps:
(1) assert copyright on the software, and (2) offer you this License
giving you legal permission to copy, distribute and/or modify it.
For the developers' and authors' protection, the GPL clearly explains
that there is no warranty for this free software. For both users' and
authors' sake, the GPL requires that modified versions be marked as
changed, so that their problems will not be attributed erroneously to
authors of previous versions.
Some devices are designed to deny users access to install or run
modified versions of the software inside them, although the manufacturer
can do so. This is fundamentally incompatible with the aim of
protecting users' freedom to change the software. The systematic
pattern of such abuse occurs in the area of products for individuals to
use, which is precisely where it is most unacceptable. Therefore, we
have designed this version of the GPL to prohibit the practice for those
products. If such problems arise substantially in other domains, we
stand ready to extend this provision to those domains in future versions
of the GPL, as needed to protect the freedom of users.
Finally, every program is threatened constantly by software patents.
States should not allow patents to restrict development and use of
software on general-purpose computers, but in those that do, we wish to
avoid the special danger that patents applied to a free program could
make it effectively proprietary. To prevent this, the GPL assures that
patents cannot be used to render the program non-free.
The precise terms and conditions for copying, distribution and
modification follow.
TERMS AND CONDITIONS
0. Definitions.
"This License" refers to version 3 of the GNU General Public License.
"Copyright" also means copyright-like laws that apply to other kinds of
works, such as semiconductor masks.
"The Program" refers to any copyrightable work licensed under this
License. Each licensee is addressed as "you". "Licensees" and
"recipients" may be individuals or organizations.
To "modify" a work means to copy from or adapt all or part of the work
in a fashion requiring copyright permission, other than the making of an
exact copy. The resulting work is called a "modified version" of the
earlier work or a work "based on" the earlier work.
A "covered work" means either the unmodified Program or a work based
on the Program.
To "propagate" a work means to do anything with it that, without
permission, would make you directly or secondarily liable for
infringement under applicable copyright law, except executing it on a
computer or modifying a private copy. Propagation includes copying,
distribution (with or without modification), making available to the
public, and in some countries other activities as well.
To "convey" a work means any kind of propagation that enables other
parties to make or receive copies. Mere interaction with a user through
a computer network, with no transfer of a copy, is not conveying.
An interactive user interface displays "Appropriate Legal Notices"
to the extent that it includes a convenient and prominently visible
feature that (1) displays an appropriate copyright notice, and (2)
tells the user that there is no warranty for the work (except to the
extent that warranties are provided), that licensees may convey the
work under this License, and how to view a copy of this License. If
the interface presents a list of user commands or options, such as a
menu, a prominent item in the list meets this criterion.
1. Source Code.
The "source code" for a work means the preferred form of the work
for making modifications to it. "Object code" means any non-source
form of a work.
A "Standard Interface" means an interface that either is an official
standard defined by a recognized standards body, or, in the case of
interfaces specified for a particular programming language, one that
is widely used among developers working in that language.
The "System Libraries" of an executable work include anything, other
than the work as a whole, that (a) is included in the normal form of
packaging a Major Component, but which is not part of that Major
Component, and (b) serves only to enable use of the work with that
Major Component, or to implement a Standard Interface for which an
implementation is available to the public in source code form. A
"Major Component", in this context, means a major essential component
(kernel, window system, and so on) of the specific operating system
(if any) on which the executable work runs, or a compiler used to
produce the work, or an object code interpreter used to run it.
The "Corresponding Source" for a work in object code form means all
the source code needed to generate, install, and (for an executable
work) run the object code and to modify the work, including scripts to
control those activities. However, it does not include the work's
System Libraries, or general-purpose tools or generally available free
programs which are used unmodified in performing those activities but
which are not part of the work. For example, Corresponding Source
includes interface definition files associated with source files for
the work, and the source code for shared libraries and dynamically
linked subprograms that the work is specifically designed to require,
such as by intimate data communication or control flow between those
subprograms and other parts of the work.
The Corresponding Source need not include anything that users
can regenerate automatically from other parts of the Corresponding
Source.
The Corresponding Source for a work in source code form is that
same work.
2. Basic Permissions.
All rights granted under this License are granted for the term of
copyright on the Program, and are irrevocable provided the stated
conditions are met. This License explicitly affirms your unlimited
permission to run the unmodified Program. The output from running a
covered work is covered by this License only if the output, given its
content, constitutes a covered work. This License acknowledges your
rights of fair use or other equivalent, as provided by copyright law.
You may make, run and propagate covered works that you do not
convey, without conditions so long as your license otherwise remains
in force. You may convey covered works to others for the sole purpose
of having them make modifications exclusively for you, or provide you
with facilities for running those works, provided that you comply with
the terms of this License in conveying all material for which you do
not control copyright. Those thus making or running the covered works
for you must do so exclusively on your behalf, under your direction
and control, on terms that prohibit them from making any copies of
your copyrighted material outside their relationship with you.
Conveying under any other circumstances is permitted solely under
the conditions stated below. Sublicensing is not allowed; section 10
makes it unnecessary.
3. Protecting Users' Legal Rights From Anti-Circumvention Law.
No covered work shall be deemed part of an effective technological
measure under any applicable law fulfilling obligations under article
11 of the WIPO copyright treaty adopted on 20 December 1996, or
similar laws prohibiting or restricting circumvention of such
measures.
When you convey a covered work, you waive any legal power to forbid
circumvention of technological measures to the extent such circumvention
is effected by exercising rights under this License with respect to
the covered work, and you disclaim any intention to limit operation or
modification of the work as a means of enforcing, against the work's
users, your or third parties' legal rights to forbid circumvention of
technological measures.
4. Conveying Verbatim Copies.
You may convey verbatim copies of the Program's source code as you
receive it, in any medium, provided that you conspicuously and
appropriately publish on each copy an appropriate copyright notice;
keep intact all notices stating that this License and any
non-permissive terms added in accord with section 7 apply to the code;
keep intact all notices of the absence of any warranty; and give all
recipients a copy of this License along with the Program.
You may charge any price or no price for each copy that you convey,
and you may offer support or warranty protection for a fee.
5. Conveying Modified Source Versions.
You may convey a work based on the Program, or the modifications to
produce it from the Program, in the form of source code under the
terms of section 4, provided that you also meet all of these conditions:
a) The work must carry prominent notices stating that you modified
it, and giving a relevant date.
b) The work must carry prominent notices stating that it is
released under this License and any conditions added under section
7. This requirement modifies the requirement in section 4 to
"keep intact all notices".
c) You must license the entire work, as a whole, under this
License to anyone who comes into possession of a copy. This
License will therefore apply, along with any applicable section 7
additional terms, to the whole of the work, and all its parts,
regardless of how they are packaged. This License gives no
permission to license the work in any other way, but it does not
invalidate such permission if you have separately received it.
d) If the work has interactive user interfaces, each must display
Appropriate Legal Notices; however, if the Program has interactive
interfaces that do not display Appropriate Legal Notices, your
work need not make them do so.
A compilation of a covered work with other separate and independent
works, which are not by their nature extensions of the covered work,
and which are not combined with it such as to form a larger program,
in or on a volume of a storage or distribution medium, is called an
"aggregate" if the compilation and its resulting copyright are not
used to limit the access or legal rights of the compilation's users
beyond what the individual works permit. Inclusion of a covered work
in an aggregate does not cause this License to apply to the other
parts of the aggregate.
6. Conveying Non-Source Forms.
You may convey a covered work in object code form under the terms
of sections 4 and 5, provided that you also convey the
machine-readable Corresponding Source under the terms of this License,
in one of these ways:
a) Convey the object code in, or embodied in, a physical product
(including a physical distribution medium), accompanied by the
Corresponding Source fixed on a durable physical medium
customarily used for software interchange.
b) Convey the object code in, or embodied in, a physical product
(including a physical distribution medium), accompanied by a
written offer, valid for at least three years and valid for as
long as you offer spare parts or customer support for that product
model, to give anyone who possesses the object code either (1) a
copy of the Corresponding Source for all the software in the
product that is covered by this License, on a durable physical
medium customarily used for software interchange, for a price no
more than your reasonable cost of physically performing this
conveying of source, or (2) access to copy the
Corresponding Source from a network server at no charge.
c) Convey individual copies of the object code with a copy of the
written offer to provide the Corresponding Source. This
alternative is allowed only occasionally and noncommercially, and
only if you received the object code with such an offer, in accord
with subsection 6b.
d) Convey the object code by offering access from a designated
place (gratis or for a charge), and offer equivalent access to the
Corresponding Source in the same way through the same place at no
further charge. You need not require recipients to copy the
Corresponding Source along with the object code. If the place to
copy the object code is a network server, the Corresponding Source
may be on a different server (operated by you or a third party)
that supports equivalent copying facilities, provided you maintain
clear directions next to the object code saying where to find the
Corresponding Source. Regardless of what server hosts the
Corresponding Source, you remain obligated to ensure that it is
available for as long as needed to satisfy these requirements.
e) Convey the object code using peer-to-peer transmission, provided
you inform other peers where the object code and Corresponding
Source of the work are being offered to the general public at no
charge under subsection 6d.
A separable portion of the object code, whose source code is excluded
from the Corresponding Source as a System Library, need not be
included in conveying the object code work.
A "User Product" is either (1) a "consumer product", which means any
tangible personal property which is normally used for personal, family,
or household purposes, or (2) anything designed or sold for incorporation
into a dwelling. In determining whether a product is a consumer product,
doubtful cases shall be resolved in favor of coverage. For a particular
product received by a particular user, "normally used" refers to a
typical or common use of that class of product, regardless of the status
of the particular user or of the way in which the particular user
actually uses, or expects or is expected to use, the product. A product
is a consumer product regardless of whether the product has substantial
commercial, industrial or non-consumer uses, unless such uses represent
the only significant mode of use of the product.
"Installation Information" for a User Product means any methods,
procedures, authorization keys, or other information required to install
and execute modified versions of a covered work in that User Product from
a modified version of its Corresponding Source. The information must
suffice to ensure that the continued functioning of the modified object
code is in no case prevented or interfered with solely because
modification has been made.
If you convey an object code work under this section in, or with, or
specifically for use in, a User Product, and the conveying occurs as
part of a transaction in which the right of possession and use of the
User Product is transferred to the recipient in perpetuity or for a
fixed term (regardless of how the transaction is characterized), the
Corresponding Source conveyed under this section must be accompanied
by the Installation Information. But this requirement does not apply
if neither you nor any third party retains the ability to install
modified object code on the User Product (for example, the work has
been installed in ROM).
The requirement to provide Installation Information does not include a
requirement to continue to provide support service, warranty, or updates
for a work that has been modified or installed by the recipient, or for
the User Product in which it has been modified or installed. Access to a
network may be denied when the modification itself materially and
adversely affects the operation of the network or violates the rules and
protocols for communication across the network.
Corresponding Source conveyed, and Installation Information provided,
in accord with this section must be in a format that is publicly
documented (and with an implementation available to the public in
source code form), and must require no special password or key for
unpacking, reading or copying.
7. Additional Terms.
"Additional permissions" are terms that supplement the terms of this
License by making exceptions from one or more of its conditions.
Additional permissions that are applicable to the entire Program shall
be treated as though they were included in this License, to the extent
that they are valid under applicable law. If additional permissions
apply only to part of the Program, that part may be used separately
under those permissions, but the entire Program remains governed by
this License without regard to the additional permissions.
When you convey a copy of a covered work, you may at your option
remove any additional permissions from that copy, or from any part of
it. (Additional permissions may be written to require their own
removal in certain cases when you modify the work.) You may place
additional permissions on material, added by you to a covered work,
for which you have or can give appropriate copyright permission.
Notwithstanding any other provision of this License, for material you
add to a covered work, you may (if authorized by the copyright holders of
that material) supplement the terms of this License with terms:
a) Disclaiming warranty or limiting liability differently from the
terms of sections 15 and 16 of this License; or
b) Requiring preservation of specified reasonable legal notices or
author attributions in that material or in the Appropriate Legal
Notices displayed by works containing it; or
c) Prohibiting misrepresentation of the origin of that material, or
requiring that modified versions of such material be marked in
reasonable ways as different from the original version; or
d) Limiting the use for publicity purposes of names of licensors or
authors of the material; or
e) Declining to grant rights under trademark law for use of some
trade names, trademarks, or service marks; or
f) Requiring indemnification of licensors and authors of that
material by anyone who conveys the material (or modified versions of
it) with contractual assumptions of liability to the recipient, for
any liability that these contractual assumptions directly impose on
those licensors and authors.
All other non-permissive additional terms are considered "further
restrictions" within the meaning of section 10. If the Program as you
received it, or any part of it, contains a notice stating that it is
governed by this License along with a term that is a further
restriction, you may remove that term. If a license document contains
a further restriction but permits relicensing or conveying under this
License, you may add to a covered work material governed by the terms
of that license document, provided that the further restriction does
not survive such relicensing or conveying.
If you add terms to a covered work in accord with this section, you
must place, in the relevant source files, a statement of the
additional terms that apply to those files, or a notice indicating
where to find the applicable terms.
Additional terms, permissive or non-permissive, may be stated in the
form of a separately written license, or stated as exceptions;
the above requirements apply either way.
8. Termination.
You may not propagate or modify a covered work except as expressly
provided under this License. Any attempt otherwise to propagate or
modify it is void, and will automatically terminate your rights under
this License (including any patent licenses granted under the third
paragraph of section 11).
However, if you cease all violation of this License, then your
license from a particular copyright holder is reinstated (a)
provisionally, unless and until the copyright holder explicitly and
finally terminates your license, and (b) permanently, if the copyright
holder fails to notify you of the violation by some reasonable means
prior to 60 days after the cessation.
Moreover, your license from a particular copyright holder is
reinstated permanently if the copyright holder notifies you of the
violation by some reasonable means, this is the first time you have
received notice of violation of this License (for any work) from that
copyright holder, and you cure the violation prior to 30 days after
your receipt of the notice.
Termination of your rights under this section does not terminate the
licenses of parties who have received copies or rights from you under
this License. If your rights have been terminated and not permanently
reinstated, you do not qualify to receive new licenses for the same
material under section 10.
9. Acceptance Not Required for Having Copies.
You are not required to accept this License in order to receive or
run a copy of the Program. Ancillary propagation of a covered work
occurring solely as a consequence of using peer-to-peer transmission
to receive a copy likewise does not require acceptance. However,
nothing other than this License grants you permission to propagate or
modify any covered work. These actions infringe copyright if you do
not accept this License. Therefore, by modifying or propagating a
covered work, you indicate your acceptance of this License to do so.
10. Automatic Licensing of Downstream Recipients.
Each time you convey a covered work, the recipient automatically
receives a license from the original licensors, to run, modify and
propagate that work, subject to this License. You are not responsible
for enforcing compliance by third parties with this License.
An "entity transaction" is a transaction transferring control of an
organization, or substantially all assets of one, or subdividing an
organization, or merging organizations. If propagation of a covered
work results from an entity transaction, each party to that
transaction who receives a copy of the work also receives whatever
licenses to the work the party's predecessor in interest had or could
give under the previous paragraph, plus a right to possession of the
Corresponding Source of the work from the predecessor in interest, if
the predecessor has it or can get it with reasonable efforts.
You may not impose any further restrictions on the exercise of the
rights granted or affirmed under this License. For example, you may
not impose a license fee, royalty, or other charge for exercise of
rights granted under this License, and you may not initiate litigation
(including a cross-claim or counterclaim in a lawsuit) alleging that
any patent claim is infringed by making, using, selling, offering for
sale, or importing the Program or any portion of it.
11. Patents.
A "contributor" is a copyright holder who authorizes use under this
License of the Program or a work on which the Program is based. The
work thus licensed is called the contributor's "contributor version".
A contributor's "essential patent claims" are all patent claims
owned or controlled by the contributor, whether already acquired or
hereafter acquired, that would be infringed by some manner, permitted
by this License, of making, using, or selling its contributor version,
but do not include claims that would be infringed only as a
consequence of further modification of the contributor version. For
purposes of this definition, "control" includes the right to grant
patent sublicenses in a manner consistent with the requirements of
this License.
Each contributor grants you a non-exclusive, worldwide, royalty-free
patent license under the contributor's essential patent claims, to
make, use, sell, offer for sale, import and otherwise run, modify and
propagate the contents of its contributor version.
In the following three paragraphs, a "patent license" is any express
agreement or commitment, however denominated, not to enforce a patent
(such as an express permission to practice a patent or covenant not to
sue for patent infringement). To "grant" such a patent license to a
party means to make such an agreement or commitment not to enforce a
patent against the party.
If you convey a covered work, knowingly relying on a patent license,
and the Corresponding Source of the work is not available for anyone
to copy, free of charge and under the terms of this License, through a
publicly available network server or other readily accessible means,
then you must either (1) cause the Corresponding Source to be so
available, or (2) arrange to deprive yourself of the benefit of the
patent license for this particular work, or (3) arrange, in a manner
consistent with the requirements of this License, to extend the patent
license to downstream recipients. "Knowingly relying" means you have
actual knowledge that, but for the patent license, your conveying the
covered work in a country, or your recipient's use of the covered work
in a country, would infringe one or more identifiable patents in that
country that you have reason to believe are valid.
If, pursuant to or in connection with a single transaction or
arrangement, you convey, or propagate by procuring conveyance of, a
covered work, and grant a patent license to some of the parties
receiving the covered work authorizing them to use, propagate, modify
or convey a specific copy of the covered work, then the patent license
you grant is automatically extended to all recipients of the covered
work and works based on it.
A patent license is "discriminatory" if it does not include within
the scope of its coverage, prohibits the exercise of, or is
conditioned on the non-exercise of one or more of the rights that are
specifically granted under this License. You may not convey a covered
work if you are a party to an arrangement with a third party that is
in the business of distributing software, under which you make payment
to the third party based on the extent of your activity of conveying
the work, and under which the third party grants, to any of the
parties who would receive the covered work from you, a discriminatory
patent license (a) in connection with copies of the covered work
conveyed by you (or copies made from those copies), or (b) primarily
for and in connection with specific products or compilations that
contain the covered work, unless you entered into that arrangement,
or that patent license was granted, prior to 28 March 2007.
Nothing in this License shall be construed as excluding or limiting
any implied license or other defenses to infringement that may
otherwise be available to you under applicable patent law.
12. No Surrender of Others' Freedom.
If conditions are imposed on you (whether by court order, agreement or
otherwise) that contradict the conditions of this License, they do not
excuse you from the conditions of this License. If you cannot convey a
covered work so as to satisfy simultaneously your obligations under this
License and any other pertinent obligations, then as a consequence you may
not convey it at all. For example, if you agree to terms that obligate you
to collect a royalty for further conveying from those to whom you convey
the Program, the only way you could satisfy both those terms and this
License would be to refrain entirely from conveying the Program.
13. Use with the GNU Affero General Public License.
Notwithstanding any other provision of this License, you have
permission to link or combine any covered work with a work licensed
under version 3 of the GNU Affero General Public License into a single
combined work, and to convey the resulting work. The terms of this
License will continue to apply to the part which is the covered work,
but the special requirements of the GNU Affero General Public License,
section 13, concerning interaction through a network will apply to the
combination as such.
14. Revised Versions of this License.
The Free Software Foundation may publish revised and/or new versions of
the GNU General Public License from time to time. Such new versions will
be similar in spirit to the present version, but may differ in detail to
address new problems or concerns.
Each version is given a distinguishing version number. If the
Program specifies that a certain numbered version of the GNU General
Public License "or any later version" applies to it, you have the
option of following the terms and conditions either of that numbered
version or of any later version published by the Free Software
Foundation. If the Program does not specify a version number of the
GNU General Public License, you may choose any version ever published
by the Free Software Foundation.
If the Program specifies that a proxy can decide which future
versions of the GNU General Public License can be used, that proxy's
public statement of acceptance of a version permanently authorizes you
to choose that version for the Program.
Later license versions may give you additional or different
permissions. However, no additional obligations are imposed on any
author or copyright holder as a result of your choosing to follow a
later version.
15. Disclaimer of Warranty.
THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY
APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT
HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY
OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO,
THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM
IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF
ALL NECESSARY SERVICING, REPAIR OR CORRECTION.
16. Limitation of Liability.
IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING
WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MODIFIES AND/OR CONVEYS
THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY
GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE
USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF
DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD
PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS),
EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF
SUCH DAMAGES.
17. Interpretation of Sections 15 and 16.
If the disclaimer of warranty and limitation of liability provided
above cannot be given local legal effect according to their terms,
reviewing courts shall apply local law that most closely approximates
an absolute waiver of all civil liability in connection with the
Program, unless a warranty or assumption of liability accompanies a
copy of the Program in return for a fee.
END OF TERMS AND CONDITIONS
How to Apply These Terms to Your New Programs
If you develop a new program, and you want it to be of the greatest
possible use to the public, the best way to achieve this is to make it
free software which everyone can redistribute and change under these terms.
To do so, attach the following notices to the program. It is safest
to attach them to the start of each source file to most effectively
state the exclusion of warranty; and each file should have at least
the "copyright" line and a pointer to where the full notice is found.
<one line to give the program's name and a brief idea of what it does.>
Copyright (C) <year> <name of author>
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
Also add information on how to contact you by electronic and paper mail.
If the program does terminal interaction, make it output a short
notice like this when it starts in an interactive mode:
<program> Copyright (C) <year> <name of author>
This program comes with ABSOLUTELY NO WARRANTY; for details type `show w'.
This is free software, and you are welcome to redistribute it
under certain conditions; type `show c' for details.
The hypothetical commands `show w' and `show c' should show the appropriate
parts of the General Public License. Of course, your program's commands
might be different; for a GUI interface, you would use an "about box".
You should also get your employer (if you work as a programmer) or school,
if any, to sign a "copyright disclaimer" for the program, if necessary.
For more information on this, and how to apply and follow the GNU GPL, see
<http://www.gnu.org/licenses/>.
The GNU General Public License does not permit incorporating your program
into proprietary programs. If your program is a subroutine library, you
may consider it more useful to permit linking proprietary applications with
the library. If this is what you want to do, use the GNU Lesser General
Public License instead of this License. But first, please read
<http://www.gnu.org/philosophy/why-not-lgpl.html>.

532
nixos/system/desktop/home-manager/xmonad/Main.hs Normal file
View file

@ -0,0 +1,532 @@
{-# LANGUAGE FlexibleContexts #-}
module Main where
import XMonad.Util.NamedWindows (getName)
import XMonad.Util.Run (safeSpawn)
import BoringWindows (BoringMessage (..),
boringWindows, clearBoring,
focusDown, focusUp)
import qualified Data.Map as M
import Data.Monoid (All, Endo)
import Data.Ratio ((%))
import FloatKeys (keysResizeWindow)
import Memo (nextRectangle)
import NixCommands
import qualified SolarizedLight as Solarized
import System.Exit
import XMonad
import XMonad.Actions.CopyWindow (copy, copyToAll, kill1,
killAllOtherCopies,
wsContainingCopies)
import XMonad.Actions.CycleWS (toggleWS')
import XMonad.Actions.DynamicProjects (Project (..),
dynamicProjects)
import XMonad.Actions.DynamicWorkspaces (addHiddenWorkspace, removeEmptyWorkspaceAfterExcept,
renameWorkspace,
withWorkspace)
import XMonad.Actions.Navigation2D (additionalNav2DKeysP,
windowGo, windowSwap)
import XMonad.Actions.UpdatePointer (updatePointer)
import XMonad.Actions.Warp (warpToScreen)
import XMonad.Hooks.DynamicLog (dynamicLog)
import XMonad.Hooks.ManageDebug (debugManageHook)
import XMonad.Hooks.ManageHelpers (doCenterFloat)
import XMonad.Hooks.SetWMName (setWMName)
import XMonad.Hooks.UrgencyHook (withUrgencyHook,
UrgencyHook(..))
import XMonad.Layout.Mosaic (Aspect (Reset))
import XMonad.Layout.NoBorders (noBorders, smartBorders)
import XMonad.Layout.ResizableTile (MirrorResize (MirrorExpand, MirrorShrink),
ResizableTall (..))
import XMonad.Layout.StateFull (focusTracking)
import XMonad.Layout.WindowNavigation (configurableNavigation,
noNavigateBorders)
import XMonad.Prompt (XPConfig (..))
import qualified XMonad.StackSet as W
import XMonad.Util.EZConfig (additionalKeysP)
import XMonad.Util.Scratchpad (scratchpadManageHook,
scratchpadSpawnAction)
import XMonad.Util.SpawnOnce (spawnOnce)
------------------------------------------------------------------------
--
-- Layouts
--
------------------------------------------------------------------------
selectionColor :: String
selectionColor = Solarized.magenta
nonSelectionColor :: String
nonSelectionColor = Solarized.base02
myLayout =
(windowConfiguration $ smartBorders $ boringWindows resizeableTall) |||
noBorders Full
where
resizeableTall = ResizableTall nmaster delta ratio []
-- The default number of windows in the master pane
nmaster = 1
-- Default proportion of screen occupied by master pane
ratio = 1 / 2
-- Percent of screen to increment by when resizing panes
delta = 3 / 100
windowConfiguration = configurableNavigation noNavigateBorders
-- ------------------------------------------------------------
--
-- predefined workspaces
--
-- ------------------------------------------------------------
-- default workspaces they will always be there.
-- And they are protected against renaming
myWorkspaces :: [String]
myWorkspaces = ["1", "2", "3", "4"]
-- workspaces names to be used only by one program, partly spawning on startup.
autoSpawnWorkspaces :: [String]
autoSpawnWorkspaces = ["-copyq"]
-- theses workspaces should not be removed by the workspace
-- switch commands
nonRemovableWorkspaces :: [String]
nonRemovableWorkspaces = myWorkspaces ++ autoSpawnWorkspaces
-- projects
-- named workspaces with predefined behavior
projects :: [Project]
projects =
[ Project
{ projectName = "chat"
, projectDirectory = "~/"
, projectStartHook = Just $ spawn nixStartIrc
}
, Project
{ projectName = "audio"
, projectDirectory = "~/music-library"
, projectStartHook = Just $ spawn nixStartAudacious
}
, Project
{ projectName = "nixos"
, projectDirectory = "~/dev/krops"
, projectStartHook = Nothing
}
, Project
{ projectName = "-copyq"
, projectDirectory = "~/"
, projectStartHook = Just $ spawn nixShowCopyq
}
]
-- ------------------------------------------------------------
--
-- key definitions
--
-- ------------------------------------------------------------
myKeys :: XConfig Layout -> M.Map (ButtonMask, KeySym) (X ())
myKeys XConfig {modMask = modm} =
M.fromList $
-- ------------------------------------------------------------
--
-- predefined workspaces
--
-- ------------------------------------------------------------
--
-- mod-[1..9], Switch to workspace N
[ ( (m .|. modm, k)
, do removeEmptyWorkspaceAfterExcept nonRemovableWorkspaces $ windows $ f i
updateBoring)
| (i, k) <- zip myWorkspaces [xK_1 .. xK_9]
, (f, m) <- [(W.greedyView, 0)]
] ++
-- mod-<shift>-[1..9] move window to workspace N
-- mod-<control>-[1..9] copy window to workspace N
[ ( (m .|. modm, k)
, do windows $ f i
updateBoring)
| (i, k) <- zip myWorkspaces [xK_1 .. xK_9]
, (f, m) <- [(W.shift, shiftMask), (copy, controlMask)]
]
-- ------------------------------------------------------------
--
-- select next Screen/Monitor.
-- (works for 2 and 1 monitor, but might also work for more)
--
-- ------------------------------------------------------------
selectNextScreen :: X ()
selectNextScreen = do
W.StackSet {W.current = current, W.visible = visible} <- gets windowset
warpToScreen (nextScreen current visible) (1 % 2) (1 % 2)
where
nextScreen current [] = W.screen current
nextScreen _ (x:_) = W.screen x
isFloat :: Window -> X Bool
isFloat w = gets windowset >>= \ws -> return (M.member w $ W.floating ws)
-- | add different shortcuts for different type
-- of situation. Floating or Tiling
floatTileCommand :: X () -> X () -> Window -> X ()
floatTileCommand forFloating forTileing window = do
floating <- isFloat window
if floating
then forFloating
else forTileing
toggleFloating :: W.RationalRect -> Window -> X ()
toggleFloating position =
floatTileCommand
(withFocused (windows . W.sink))
(withFocused (windows . (`W.float` position)))
multiKeys [] = []
multiKeys ((key, command):xs) = (createMultiKey key command) ++ multiKeys xs
where
createMultiKey keyString command =
[("M4-" ++ keyString, command), ("M4-z " ++ keyString, command)]
myAdditionaKeys :: [(String, X ())]
myAdditionaKeys
-- ------------------------------------------------------------
--
-- dynamic workspaces
--
-- ------------------------------------------------------------
-- switch to workspace
=
(multiKeys
[ ( "`"
, do removeEmptyWorkspaceAfterExcept
nonRemovableWorkspaces
(withWorkspace autoXPConfig (windows . W.greedyView))
updateBoring)
-- move focused window to workspace
, ("S-<Space>", withWorkspace myXPConfig (windows . W.shift))
-- copy focused window to workspace
, ("C-<Space>", withWorkspace myXPConfig (windows . copy))
-- make windows "sticky" by copy and remove them to and from all other windows
, ( "s"
, do copies <- wsContainingCopies
if not (null copies)
then do
killAllOtherCopies
clearBoring
else do
windows copyToAll
withFocused (broadcastMessage . IsBoring))
-- rename workspace but make sure myWorkspaces still exist
, ( "r"
, do renameWorkspace myXPConfig
sequence_ [addHiddenWorkspace ws | ws <- myWorkspaces])
, ( "<Esc>"
, do toggleWS' ["NSP"]
updateBoring)
]) ++
-- ------------------------------------------------------------
--
-- launch applications
--
-- ------------------------------------------------------------
(multiKeys
-- launch a terminal
[ ("<Return>", spawn $ XMonad.terminal defaults)
, ("q", kill1)
-- open scratchpad
, ( "-"
, do scratchpadSpawnAction defaults
updateBoring)
]) ++
[ ( "<Print>"
-- create screenshot
, spawn nixStartFlameshot)
-- invert color for bright or dark days
, ("<Pause>", spawn nixInvertColors)
] ++
-- ------------------------------------------------------------
--
-- Window and Layout
--
-- ------------------------------------------------------------
(multiKeys
-- Move focus to the next window
[ ( "j"
, do sendMessage FirstLayout
focusDown)
-- Move focus to the previous window
, ( "k"
, do sendMessage FirstLayout
focusUp)
-- Swap the focused window and the master window
, ("<Tab>", windows W.swapMaster)
-- Swap the focused window with the next window
, ( "S-j"
, do sendMessage FirstLayout
windows W.swapDown)
-- Swap the focused window with the previous window
, ( "S-k"
, do sendMessage FirstLayout
windows W.swapUp)
-- Rotate through the available layout algorithms
, ("f", sendMessage NextLayout)
-- Shrink the current area
-- Shrink the master area
, ( "h"
, withFocused $
floatTileCommand
(withFocused (keysResizeWindow (10, 0) (1, 1 % 2)))
(do sendMessage Shrink
sendMessage Reset))
-- Expand the master area
, ( "l"
, withFocused $
floatTileCommand
(withFocused (keysResizeWindow (-10, 0) (1, 1 % 2)))
(do sendMessage Expand
sendMessage Reset))
-- Expand the current area
, ( "S-l"
, withFocused $
floatTileCommand
(withFocused (keysResizeWindow (0, -10) (1 % 2, 1)))
(do sendMessage MirrorExpand
sendMessage Reset))
, ( "S-h"
, withFocused $
floatTileCommand
(withFocused (keysResizeWindow (0, 10) (1 % 2, 1)))
(do sendMessage MirrorShrink
sendMessage Reset))
-- Toggle window tiling/floating
, ( "t"
, do next <- nextRectangle
withFocused $ toggleFloating next)
, ( "n"
, withFocused $
floatTileCommand
(do position <- nextRectangle
withFocused (windows . (`W.float` position)))
(return ()))
-- Increment the number of windows in the master area
, (",", sendMessage (IncMasterN 1))
-- Deincrement the number of windows in the master area
, (".", sendMessage (IncMasterN (-1)))
]) ++
-- ------------------------------------------------------------
--
-- Xmonad Commands
--
-- ------------------------------------------------------------
-- Quit xmonad
(multiKeys
[ ("S-q", io exitSuccess)
-- restart xmonad
, ("S-r", spawn "xmonad --recompile; xmonad --restart")
-- select next screen/monitor
, ("<Backspace>", selectNextScreen)
-- move window next screen/monitor
-- , ("M4-S-<Backspace>", moveWindowToNextScreen)
]) ++
-- ------------------------------------------------------------
--
-- Volume Control
--
-- ------------------------------------------------------------
[ ("<XF86AudioRaiseVolume>", spawn nixAlsaRaiseVolume)
, ("<XF86AudioLowerVolume>", spawn nixAlsaLowerVolume)
, ("<XF86AudioMute>", spawn nixAlsaMute)
] ++
-- ------------------------------------------------------------
--
-- Redshift
--
-- ------------------------------------------------------------
[("M4-<F9>", spawn nixStartRedshift), ("M4-<F10>", spawn nixResetRedshift)] ++
-- ------------------------------------------------------------
--
-- programs
--
-- ------------------------------------------------------------
[("M4-b", spawn nixSetBackground)]
------------------------------------------------------------------------
-- Mouse bindings: default actions bound to mouse events
--
mouse :: XConfig t -> M.Map (KeyMask, Button) (Window -> X ())
-- mouse _ = M.empty
mouse XConfig {XMonad.modMask = modm} =
M.fromList
-- mod-button1, Set the window to floating mode and move by dragging
[ ( (modm, button1)
, \w -> do
focus w
mouseMoveWindow w
windows W.shiftMaster)
-- mod-button2, Raise the window to the top of the stack
, ( (modm, button2)
, \w -> do
focus w
windows W.shiftMaster)
-- mod-button3, Set the window to floating mode and resize by dragging
, ( (modm, button3)
, \w -> do
focus w
mouseResizeWindow w
windows W.shiftMaster)
-- you may also bind events to the mouse scroll wheel (button4 and button5)
]
------------------------------------------------------------------------
-- Window rules:
-- Execute arbitrary actions and WindowSet manipulations when managing
-- a new window. You can use this to, for example, always float a
-- particular program, or have a client always appear on a particular
-- workspace.
--
-- To find the property name associated with a program, use
-- > xprop | grep WM_CLASS
-- and click on the client you're interested in.
--
-- To match on the WM_NAME, you can use 'title' in the same way that
-- 'className' and 'resource' are used below.
--
myManageHook :: Query (Endo WindowSet)
myManageHook =
composeAll
[ className =? "Gimp" --> doFloat
, className =? "zettlr" --> doFloat
, title =? "fzfmenu" --> doCenterFloat
, resource =? "copyq" --> doShift "-copyq"
, scratchpadManageHook
(W.RationalRect
-- | percentage distance from left
0.2
-- | percentage distance from top
0.2
-- | width
0.6
-- | height
0.6)
]
------------------------------------------------------------------------
-- Event handling
-- * EwmhDesktops users should change this to ewmhDesktopsEventHook
--
-- Defines a custom handler function for X Events. The function should
-- return (All True) if the default handler is to be run afterwards. To
-- combine event hooks use mappend or mconcat from Data.Monoid.
--
myEventHook :: Event -> X All
myEventHook = mempty
------------------------------------------------------------------------
-- Status bars and logging
-- Perform an arbitrary action on each internal state change or X event.
-- See the 'XMonad.Hooks.DynamicLog' extension for examples.
--
myLogHook :: X ()
myLogHook = do
dynamicLog
-- make sure the pointer always follows the focused window, when we use shortcuts
updatePointer (0.5, 0.5) (0, 0)
------------------------------------------------------------------------
-- Startup hook
-- Perform an arbitrary action each time xmonad starts or is restarted
-- with mod-q. Used by, e.g., XMonad.Layout.PerWorkspace to initialize
-- per-workspace layout choices.
--
-- By default, do nothing.
startUp :: X ()
startUp
-- java fix
= do
setWMName "LG3D"
spawn nixSetCursorImage
spawn nixSetBackground
spawn nixStartAlbert
spawnOnce nixStartCopyq
------------------------------------------------------------------------
-- Now run xmonad with all the defaults we set up.
-- Run xmonad with the settings you specify. No need to modify this.
--
main :: IO ()
main = do
xmonad $
withUrgencyHook LibNotifyUrgencyHook $
dynamicProjects projects $
-- debugManageHook $
defaults
myTerm :: FilePath
myTerm = nixStartTerminal
-- make sure we never select a boring window
-- when we select another workspace.
updateBoring :: X ()
updateBoring = do
focusUp
focusDown
-- A structure containing your configuration settings, overriding
-- fields in the default config. Any you don't override, will
-- use the defaults defined in xmonad/XMonad/Config.hs
--
-- No need to modify this.
--
defaults =
additionalNav2DKeysP
("<Up>", "<Left>", "<Down>", "<Right>")
[("M-", windowGo), ("M-S-", windowSwap)]
False
def
{ terminal = myTerm
-- Whether focus follows the mouse pointer.
, focusFollowsMouse = True
-- Whether clicking on a window to focus also passes the click to the window
, clickJustFocuses = False
-- color configuration
, normalBorderColor = nonSelectionColor
, focusedBorderColor = selectionColor
, borderWidth = 1
-- modMask lets you specify which modkey you want to use.
-- mod1Mask ("left alt").
-- mod3Mask ("right alt")
-- mod4Mask ("windows key")
, modMask = mod4Mask
, workspaces = nonRemovableWorkspaces
-- key bindings
, keys = myKeys
, mouseBindings = mouse
-- , layoutHook = focusTracking $ historyLayout myLayout
, layoutHook = focusTracking myLayout
-- , logHook = myLogHook <> runAllPending
, logHook = myLogHook
, startupHook = startUp
, manageHook = myManageHook
, handleEventHook = myEventHook
} `additionalKeysP`
myAdditionaKeys
autoXPConfig :: XPConfig
autoXPConfig = myXPConfig {autoComplete = Just 5000}
myXPConfig :: XPConfig
myXPConfig =
def
{ bgColor = Solarized.base03
, fgColor = Solarized.base0
, promptBorderWidth = 0
, font = "xft:DejaVu Sans:pixelsize=16:antialias=true:hinting=true"
}
data LibNotifyUrgencyHook = LibNotifyUrgencyHook deriving (Read, Show)
instance UrgencyHook LibNotifyUrgencyHook where
urgencyHook LibNotifyUrgencyHook w = do
name <- getName w
Just idx <- fmap (W.findTag w) $ gets windowset
safeSpawn nixNotifySend [show name, "workspace " ++ idx]

37
nixos/system/desktop/home-manager/xmonad/Memo.hs Normal file
View file

@ -0,0 +1,37 @@
{-# LANGUAGE DeriveDataTypeable #-}
{-| A hacky module to cycle through a list of
rectangles, I'm using this to place a floating window somehwere
when it is in my way -}
module Memo where
import XMonad.Config.Prime
import qualified XMonad.StackSet as W
import qualified XMonad.Util.ExtensibleState as ES
newtype MemoStorage =
MemoStorage [W.RationalRect]
deriving (Typeable)
-- (RationalRect x y height width)
instance ExtensionClass MemoStorage where
initialValue =
MemoStorage
(cycle
[ (W.RationalRect 0.6 0.0 0.4 0.4) -- oben rechts
, (W.RationalRect 0.6 0.3 0.4 0.4) -- mitte rechts
, (W.RationalRect 0.6 0.6 0.4 0.4) -- unten rechts
, (W.RationalRect 0.3 0.6 0.4 0.4) -- unten mitte
, (W.RationalRect 0.0 0.6 0.4 0.4) -- unten links
, (W.RationalRect 0.0 0.3 0.4 0.4) -- mitte links
, (W.RationalRect 0.0 0.0 0.4 0.4) -- oben links
, (W.RationalRect 0.3 0.0 0.4 0.4) -- oben mitte
])
nextRectangle :: X W.RationalRect
nextRectangle = do
MemoStorage next <- ES.get :: X MemoStorage
ES.modify (\(MemoStorage (_:xs)) -> MemoStorage xs)
return (head next)

20
nixos/system/desktop/home-manager/xmonad/NixCommands.hs Normal file
View file

@ -0,0 +1,20 @@
-- this is just a dummy and will not be used
module NixCommands where
nixStartIrc = ""
nixStartAudacious = ""
nixStartFlameshot = ""
nixInvertColors = ""
nixStartRedshift = ""
nixResetRedshift = ""
nixSetCursorImage = ""
nixSetBackground = ""
nixStartAlbert = ""
nixStartCopyq = ""
nixShowCopyq = ""
nixStartTerminal = ""
nixAlsaRaiseVolume = ""
nixAlsaLowerVolume = ""
nixAlsaMute = ""
nixNotifySend = ""

3
nixos/system/desktop/home-manager/xmonad/Setup.hs Normal file
View file

@ -0,0 +1,3 @@
-- this is only here to satisfy my haskell mode
import Distribution.Simple
main = defaultMain

49
nixos/system/desktop/home-manager/xmonad/SolarizedDark.hs Normal file
View file

@ -0,0 +1,49 @@
module SolarizedDark where
base0 :: String
base0 = "#839496"
base00 :: String
base00 = "#657b83"
base01 :: String
base01 = "#586e75"
base02 :: String
base02 = "#073642"
base03 :: String
base03 = "#002b36"
base1 :: String
base1 = "#93a1a1"
base2 :: String
base2 = "#eee8d5"
base3 :: String
base3 = "#fdf6e3"
blue :: String
blue = "#268bd2"
cyan :: String
cyan = "#2aa198"
green :: String
green = "#859900"
magenta :: String
magenta = "#d33682"
orange :: String
orange = "#cb4b16"
red :: String
red = "#dc322f"
violet :: String
violet = "#6c71c4"
yellow :: String
yellow = "#b58900"

49
nixos/system/desktop/home-manager/xmonad/SolarizedLight.hs Normal file
View file

@ -0,0 +1,49 @@
module SolarizedLight where
blue :: String
blue = "#268bd2"
cyan :: String
cyan = "#2aa198"
green :: String
green = "#859900"
magenta :: String
magenta = "#d33682"
orange :: String
orange = "#cb4b16"
red :: String
red = "#dc322f"
violet :: String
violet = "#6c71c4"
yellow :: String
yellow = "#b58900"
base0 :: String
base0 = "#657b83"
base00 :: String
base00 = "#839496"
base01 :: String
base01 = "#93a1a1"
base02 :: String
base02 = "#eee8d5"
base03 :: String
base03 = "#fdf6e3"
base1 :: String
base1 = "#586e75"
base2 :: String
base2 = "#073642"
base3 :: String
base3 = "#002b36"

508
nixos/system/desktop/home-manager/xmonad/SubLayouts.hs Normal file
View file

@ -0,0 +1,508 @@
{-# LANGUAGE PatternGuards, ParallelListComp, DeriveDataTypeable, FlexibleInstances, FlexibleContexts, MultiParamTypeClasses, TypeSynonymInstances #-}
-----------------------------------------------------------------------------
-- |
-- Module : XMonad.Layout.SubLayouts
-- Copyright : (c) 2009 Adam Vogt
-- License : BSD-style (see xmonad/LICENSE)
--
-- Maintainer : vogt.adam@gmail.com
-- Stability : unstable
-- Portability : unportable
--
-- A layout combinator that allows layouts to be nested.
--
-- had to copy it because
-- * uses the wrong Boring Windows library
-----------------------------------------------------------------------------
module SubLayouts (
-- * Usage
-- $usage
subLayout,
subTabbed,
pushGroup, pullGroup,
pushWindow, pullWindow,
onGroup, toSubl, mergeDir,
GroupMsg(..),
Broadcast(..),
defaultSublMap,
Sublayout,
-- * Screenshots
-- $screenshots
-- * Todo
-- $todo
)
where
import XMonad.Layout.Circle () -- so haddock can find the link
import XMonad.Layout.Decoration(Decoration, DefaultShrinker)
import XMonad.Layout.LayoutModifier(LayoutModifier(handleMess, modifyLayout,
redoLayout),
ModifiedLayout(..))
import XMonad.Layout.Simplest(Simplest(..))
import XMonad.Layout.Tabbed(shrinkText,
TabbedDecoration, addTabs)
import XMonad.Layout.WindowNavigation(Navigate(Apply))
import XMonad.Util.Invisible(Invisible(..))
import XMonad.Util.Types(Direction2D(..))
import XMonad hiding (def)
import Control.Applicative((<$>),(<*))
import Control.Arrow(Arrow(second, (&&&)))
import Control.Monad(MonadPlus(mplus), foldM, guard, when, join)
import Data.Function(on)
import Data.List(nubBy, (\\), find)
import Data.Maybe(isNothing, fromMaybe, listToMaybe, mapMaybe)
import Data.Traversable(sequenceA)
import qualified BoringWindows as B
import qualified XMonad as X
import qualified XMonad.StackSet as W
import qualified Data.Map as M
import Data.Map(Map)
-- $screenshots
--
-- <<http://haskell.org/sitewiki/images/thumb/8/8b/Xmonad-SubLayouts-xinerama.png/480px-Xmonad-SubLayouts-xinerama.png>>
--
-- Larger version: <http://haskell.org/sitewiki/images/8/8b/Xmonad-SubLayouts-xinerama.png>
-- $todo
-- /Issue 288/
--
-- "XMonad.Layout.ResizableTile" assumes that its environment
-- contains only the windows it is running: sublayouts are currently run with
-- the stack containing only the windows passed to it in its environment, but
-- any changes that the layout makes are not merged back.
--
-- Should the behavior be made optional?
--
-- /Features/
--
-- * suggested managehooks for merging specific windows, or the apropriate
-- layout based hack to find out the number of groups currently showed, but
-- the size of current window groups is not available (outside of this
-- growing module)
--
-- /SimpleTabbed as a SubLayout/
--
-- 'subTabbed' works well, but it would be more uniform to avoid the use of
-- addTabs, with the sublayout being Simplest (but
-- 'XMonad.Layout.Tabbed.simpleTabbed' is this...). The only thing to be
-- gained by fixing this issue is the ability to mix and match decoration
-- styles. Better compatibility with some other layouts of which I am not
-- aware could be another benefit.
--
-- 'simpleTabbed' (and other decorated layouts) fail horribly when used as
-- subLayouts:
--
-- * decorations stick around: layout is run after being told to Hide
--
-- * mouse events do not change focus: the group-ungroup does not respect
-- the focus changes it wants?
--
-- * sending ReleaseResources before running it makes xmonad very slow, and
-- still leaves borders sticking around
--
-- $usage
-- You can use this module with the following in your @~\/.xmonad\/xmonad.hs@:
--
-- > import XMonad.Layout.SubLayouts
-- > import XMonad.Layout.WindowNavigation
--
-- Using "XMonad.Layout.BoringWindows" is optional and it allows you to add a
-- keybinding to skip over the non-visible windows.
--
-- > import XMonad.Layout.BoringWindows
--
-- Then edit your @layoutHook@ by adding the 'subTabbed' layout modifier:
--
-- > myLayout = windowNavigation $ subTabbed $ boringWindows $
-- > Tall 1 (3/100) (1/2) ||| etc..
-- > main = xmonad def { layoutHook = myLayout }
--
-- "XMonad.Layout.WindowNavigation" is used to specify which windows to merge,
-- and it is not integrated into the modifier because it can be configured, and
-- works best as the outer modifier.
--
-- Then to your keybindings add:
--
-- > , ((modm .|. controlMask, xK_h), sendMessage $ pullGroup L)
-- > , ((modm .|. controlMask, xK_l), sendMessage $ pullGroup R)
-- > , ((modm .|. controlMask, xK_k), sendMessage $ pullGroup U)
-- > , ((modm .|. controlMask, xK_j), sendMessage $ pullGroup D)
-- >
-- > , ((modm .|. controlMask, xK_m), withFocused (sendMessage . MergeAll))
-- > , ((modm .|. controlMask, xK_u), withFocused (sendMessage . UnMerge))
-- >
-- > , ((modm .|. controlMask, xK_period), onGroup W.focusUp')
-- > , ((modm .|. controlMask, xK_comma), onGroup W.focusDown')
--
-- These additional keybindings require the optional
-- "XMonad.Layout.BoringWindows" layoutModifier. The focus will skip over the
-- windows that are not focused in each sublayout.
--
-- > , ((modm, xK_j), focusDown)
-- > , ((modm, xK_k), focusUp)
--
-- A 'submap' can be used to make modifying the sublayouts using 'onGroup' and
-- 'toSubl' simpler:
--
-- > ,((modm, xK_s), submap $ defaultSublMap conf)
--
-- /NOTE:/ is there some reason that @asks config >>= submap . defaultSublMap@
-- could not be used in the keybinding instead? It avoids having to explicitly
-- pass the conf.
--
-- For more detailed instructions, see:
--
-- "XMonad.Doc.Extending#Editing_the_layout_hook"
-- "XMonad.Doc.Extending#Adding_key_bindings"
-- | The main layout modifier arguments:
--
-- @subLayout advanceInnerLayouts innerLayout outerLayout@
--
-- [@advanceInnerLayouts@] When a new group at index @n@ in the outer layout
-- is created (even with one element), the @innerLayout@ is used as the
-- layout within that group after being advanced with @advanceInnerLayouts !!
-- n@ 'NextLayout' messages. If there is no corresponding element in the
-- @advanceInnerLayouts@ list, then @innerLayout@ is not given any 'NextLayout'
-- messages.
--
-- [@innerLayout@] The single layout given to be run as a sublayout.
--
-- [@outerLayout@] The layout that determines the rectangles given to each
-- group.
--
-- Ex. The second group is 'Tall', the third is 'Circle', all others are tabbed
-- with:
--
-- > myLayout = addTabs shrinkText def
-- > $ subLayout [0,1,2] (Simplest ||| Tall 1 0.2 0.5 ||| Circle)
-- > $ Tall 1 0.2 0.5 ||| Full
subLayout :: [Int] -> subl a -> l a -> ModifiedLayout (Sublayout subl) l a
subLayout nextLayout sl x = ModifiedLayout (Sublayout (I []) (nextLayout,sl) []) x
-- | @subTabbed@ is a use of 'subLayout' with 'addTabs' to show decorations.
subTabbed :: (Eq a, LayoutModifier (Sublayout Simplest) a, LayoutClass l a) =>
l a -> ModifiedLayout (Decoration TabbedDecoration DefaultShrinker)
(ModifiedLayout (Sublayout Simplest) l) a
subTabbed x = addTabs shrinkText X.def $ subLayout [] Simplest x
-- | @defaultSublMap@ is an attempt to create a set of keybindings like the
-- defaults ones but to be used as a 'submap' for sending messages to the
-- sublayout.
defaultSublMap :: XConfig l -> Map (KeyMask, KeySym) (X ())
defaultSublMap (XConfig { modMask = modm }) = M.fromList
[((modm, xK_space), toSubl NextLayout),
((modm, xK_j), onGroup W.focusDown'),
((modm, xK_k), onGroup W.focusUp'),
((modm, xK_h), toSubl Shrink),
((modm, xK_l), toSubl Expand),
((modm, xK_Tab), onGroup W.focusDown'),
((modm .|. shiftMask, xK_Tab), onGroup W.focusUp'),
((modm, xK_m), onGroup focusMaster'),
((modm, xK_comma), toSubl $ IncMasterN 1),
((modm, xK_period), toSubl $ IncMasterN (-1)),
((modm, xK_Return), onGroup swapMaster')
]
where
-- should these go into XMonad.StackSet?
focusMaster' st = let (f:fs) = W.integrate st
in W.Stack f [] fs
swapMaster' (W.Stack f u d) = W.Stack f [] $ reverse u ++ d
data Sublayout l a = Sublayout
{ delayMess :: Invisible [] (SomeMessage,a)
-- ^ messages are handled when running the layout,
-- not in the handleMessage, I'm not sure that this
-- is necessary
, def :: ([Int], l a) -- ^ how many NextLayout messages to send to newly
-- populated layouts. If there is no corresponding
-- index, then don't send any.
, subls :: [(l a,W.Stack a)]
-- ^ The sublayouts and the stacks they manage
}
deriving (Read,Show)
-- | Groups assumes this invariant:
-- M.keys gs == map W.focus (M.elems gs) (ignoring order)
-- All windows in the workspace are in the Map
--
-- The keys are visible windows, the rest are hidden.
--
-- This representation probably simplifies the internals of the modifier.
type Groups a = Map a (W.Stack a)
-- | GroupMsg take window parameters to determine which group the action should
-- be applied to
data GroupMsg a
= UnMerge a -- ^ free the focused window from its tab stack
| UnMergeAll a
-- ^ separate the focused group into singleton groups
| Merge a a -- ^ merge the first group into the second group
| MergeAll a
-- ^ make one large group, keeping the parameter focused
| Migrate a a
-- ^ used to the window named in the first argument to the
-- second argument's group, this may be replaced by a
-- combination of 'UnMerge' and 'Merge'
| WithGroup (W.Stack a -> X (W.Stack a)) a
| SubMessage SomeMessage a
-- ^ the sublayout with the given window will get the message
deriving (Typeable)
-- | merge the window that would be focused by the function when applied to the
-- W.Stack of all windows, with the current group removed. The given window
-- should be focused by a sublayout. Example usage: @withFocused (sendMessage .
-- mergeDir W.focusDown')@
mergeDir :: (W.Stack Window -> W.Stack Window) -> Window -> GroupMsg Window
mergeDir f w = WithGroup g w
where g cs = do
let onlyOthers = W.filter (`notElem` W.integrate cs)
flip whenJust (sendMessage . Merge (W.focus cs) . W.focus . f)
=<< fmap (onlyOthers =<<) currentStack
return cs
data Broadcast = Broadcast SomeMessage -- ^ send a message to all sublayouts
deriving (Typeable)
instance Message Broadcast
instance Typeable a => Message (GroupMsg a)
-- | @pullGroup@, @pushGroup@ allow you to merge windows or groups inheriting
-- the position of the current window (pull) or the other window (push).
--
-- @pushWindow@ and @pullWindow@ move individual windows between groups. They
-- are less effective at preserving window positions.
pullGroup,pushGroup,pullWindow,pushWindow :: Direction2D -> Navigate
pullGroup = mergeNav (\o c -> sendMessage $ Merge o c)
pushGroup = mergeNav (\o c -> sendMessage $ Merge c o)
pullWindow = mergeNav (\o c -> sendMessage $ Migrate o c)
pushWindow = mergeNav (\o c -> sendMessage $ Migrate c o)
mergeNav :: (Window -> Window -> X ()) -> Direction2D -> Navigate
mergeNav f = Apply (\o -> withFocused (f o))
-- | Apply a function on the stack belonging to the currently focused group. It
-- works for rearranging windows and for changing focus.
onGroup :: (W.Stack Window -> W.Stack Window) -> X ()
onGroup f = withFocused (sendMessage . WithGroup (return . f))
-- | Send a message to the currently focused sublayout.
toSubl :: (Message a) => a -> X ()
toSubl m = withFocused (sendMessage . SubMessage (SomeMessage m))
instance (Read (l Window), Show (l Window), LayoutClass l Window) => LayoutModifier (Sublayout l) Window where
modifyLayout (Sublayout { subls = osls }) (W.Workspace i la st) r = do
let gs' = updateGroup st $ toGroups osls
st' = W.filter (`elem` M.keys gs') =<< st
updateWs gs'
oldStack <- gets $ W.stack . W.workspace . W.current . windowset
setStack st'
runLayout (W.Workspace i la st') r <* setStack oldStack
-- FIXME: merge back reordering, deletions?
redoLayout (Sublayout { delayMess = I ms, def = defl, subls = osls }) _r st arrs = do
let gs' = updateGroup st $ toGroups osls
sls <- fromGroups defl st gs' osls
let newL :: LayoutClass l Window => Rectangle -> WorkspaceId -> (l Window) -> Bool
-> (Maybe (W.Stack Window)) -> X ([(Window, Rectangle)], l Window)
newL rect n ol isNew sst = do
orgStack <- currentStack
let handle l (y,_)
| not isNew = fromMaybe l <$> handleMessage l y
| otherwise = return l
kms = filter ((`elem` M.keys gs') . snd) ms
setStack sst
nl <- foldM handle ol $ filter ((`elem` W.integrate' sst) . snd) kms
result <- runLayout (W.Workspace n nl sst) rect
setStack orgStack -- FIXME: merge back reordering, deletions?
return $ fromMaybe nl `second` result
(urls,ssts) = unzip [ (newL gr i l isNew sst, sst)
| (isNew,(l,_st)) <- sls
| i <- map show [ 0 :: Int .. ]
| (k,gr) <- arrs, let sst = M.lookup k gs' ]
arrs' <- sequence urls
sls' <- return . Sublayout (I []) defl . map snd <$> fromGroups defl st gs'
[ (l,s) | (_,l) <- arrs' | (Just s) <- ssts ]
return (concatMap fst arrs', sls')
handleMess (Sublayout (I ms) defl sls) m
| Just (SubMessage sm w) <- fromMessage m =
return $ Just $ Sublayout (I ((sm,w):ms)) defl sls
| Just (Broadcast sm) <- fromMessage m = do
ms' <- fmap (zip (repeat sm) . W.integrate') currentStack
return $ if null ms' then Nothing
else Just $ Sublayout (I $ ms' ++ ms) defl sls
| Just B.UpdateBoring <- fromMessage m = do
let bs = concatMap unfocused $ M.elems gs
ws <- gets (W.workspace . W.current . windowset)
flip sendMessageWithNoRefresh ws $ B.Replace "Sublayouts" bs
return Nothing
| Just (WithGroup f w) <- fromMessage m
, Just g <- M.lookup w gs = do
g' <- f g
let gs' = M.insert (W.focus g') g' $ M.delete (W.focus g) gs
when (gs' /= gs) $ updateWs gs'
when (w /= W.focus g') $ windows (W.focusWindow $ W.focus g')
return Nothing
| Just (MergeAll w) <- fromMessage m =
let gs' = fmap (M.singleton w)
$ (focusWindow' w =<<) $ W.differentiate
$ concatMap W.integrate $ M.elems gs
in maybe (return Nothing) fgs gs'
| Just (UnMergeAll w) <- fromMessage m =
let ws = concatMap W.integrate $ M.elems gs
_ = w :: Window
mkSingleton f = M.singleton f (W.Stack f [] [])
in fgs $ M.unions $ map mkSingleton ws
| Just (Merge x y) <- fromMessage m
, Just (W.Stack _ xb xn) <- findGroup x
, Just yst <- findGroup y =
let zs = W.Stack x xb (xn ++ W.integrate yst)
in fgs $ M.insert x zs $ M.delete (W.focus yst) gs
| Just (UnMerge x) <- fromMessage m =
fgs . M.fromList . map (W.focus &&& id) . M.elems
$ M.mapMaybe (W.filter (x/=)) gs
-- XXX sometimes this migrates an incorrect window, why?
| Just (Migrate x y) <- fromMessage m
, Just xst <- findGroup x
, Just (W.Stack yf yu yd) <- findGroup y =
let zs = W.Stack x (yf:yu) yd
nxsAdd = maybe id (\e -> M.insert (W.focus e) e) $ W.filter (x/=) xst
in fgs $ nxsAdd $ M.insert x zs $ M.delete yf gs
| otherwise = fmap join $ sequenceA $ catchLayoutMess <$> fromMessage m
where gs = toGroups sls
fgs gs' = do
st <- currentStack
Just . Sublayout (I ms) defl . map snd <$> fromGroups defl st gs' sls
findGroup z = mplus (M.lookup z gs) $ listToMaybe
$ M.elems $ M.filter ((z `elem`) . W.integrate) gs
-- catchLayoutMess :: LayoutMessages -> X (Maybe (Sublayout l Window))
-- This l must be the same as from the instance head,
-- -XScopedTypeVariables should bring it into scope, but we are
-- trying to avoid warnings with ghc-6.8.2 and avoid CPP
catchLayoutMess x = do
let m' = x `asTypeOf` (undefined :: LayoutMessages)
ms' <- zip (repeat $ SomeMessage m') . W.integrate'
<$> currentStack
return $ do guard $ not $ null ms'
Just $ Sublayout (I $ ms' ++ ms) defl sls
currentStack :: X (Maybe (W.Stack Window))
currentStack = gets (W.stack . W.workspace . W.current . windowset)
-- | update Group to follow changes in the workspace
updateGroup :: Ord a => Maybe (W.Stack a) -> Groups a -> Groups a
updateGroup mst gs =
let flatten = concatMap W.integrate . M.elems
news = W.integrate' mst \\ flatten gs
deads = flatten gs \\ W.integrate' mst
uniNew = M.union (M.fromList $ map (\n -> (n,single n)) news)
single x = W.Stack x [] []
-- pass through a list to update/remove keys
remDead = M.fromList . map (\w -> (W.focus w,w))
. mapMaybe (W.filter (`notElem` deads)) . M.elems
-- update the current tab group's order and focus
followFocus hs = fromMaybe hs $ do
f' <- W.focus `fmap` mst
xs <- find (elem f' . W.integrate) $ M.elems hs
xs' <- W.filter (`elem` W.integrate xs) =<< mst
return $ M.insert f' xs' $ M.delete (W.focus xs) hs
in remDead $ uniNew $ followFocus gs
-- | rearrange the windowset to put the groups of tabs next to eachother, so
-- that the stack of tabs stays put.
updateWs :: Groups Window -> X ()
updateWs = windowsMaybe . updateWs'
updateWs' :: Groups Window -> WindowSet -> Maybe WindowSet
updateWs' gs ws = do
f <- W.peek ws
let w = W.index ws
nes = concatMap W.integrate $ mapMaybe (flip M.lookup gs) w
ws' = W.focusWindow f $ foldr W.insertUp (foldr W.delete' ws nes) nes
guard $ W.index ws' /= W.index ws
return ws'
-- | focusWindow'. focus an element of a stack, is Nothing if that element is
-- absent. See also 'W.focusWindow'
focusWindow' :: (Eq a) => a -> W.Stack a -> Maybe (W.Stack a)
focusWindow' w st = do
guard $ not $ null $ filter (w==) $ W.integrate st
if W.focus st == w then Just st
else focusWindow' w $ W.focusDown' st
-- update only when Just
windowsMaybe :: (WindowSet -> Maybe WindowSet) -> X ()
windowsMaybe f = do
xst <- get
ws <- gets windowset
let up fws = put xst { windowset = fws }
maybe (return ()) up $ f ws
unfocused :: W.Stack a -> [a]
unfocused x = W.up x ++ W.down x
toGroups :: (Ord a) => [(a1, W.Stack a)] -> Map a (W.Stack a)
toGroups ws = M.fromList . map (W.focus &&& id) . nubBy (on (==) W.focus)
$ map snd ws
-- | restore the default layout for each group. It needs the X monad to switch
-- the default layout to a specific one (handleMessage NextLayout)
fromGroups :: (LayoutClass layout a, Ord k) =>
([Int], layout a)
-> Maybe (W.Stack k)
-> Groups k
-> [(layout a, b)]
-> X [(Bool,(layout a, W.Stack k))]
fromGroups (skips,defl) st gs sls = do
defls <- mapM (iterateM nextL defl !!) skips
return $ fromGroups' defl defls st gs (map fst sls)
where nextL l = fromMaybe l <$> handleMessage l (SomeMessage NextLayout)
iterateM f = iterate (>>= f) . return
fromGroups' :: (Ord k) => a -> [a] -> Maybe (W.Stack k) -> Groups k -> [a]
-> [(Bool,(a, W.Stack k))]
fromGroups' defl defls st gs sls =
[ (isNew,fromMaybe2 (dl, single w) (l, M.lookup w gs))
| l <- map Just sls ++ repeat Nothing, let isNew = isNothing l
| dl <- defls ++ repeat defl
| w <- W.integrate' $ W.filter (`notElem` unfocs) =<< st ]
where unfocs = unfocused =<< M.elems gs
single w = W.Stack w [] []
fromMaybe2 (a,b) (x,y) = (fromMaybe a x, fromMaybe b y)
-- this would be much cleaner with some kind of data-accessor
setStack :: Maybe (W.Stack Window) -> X ()
setStack x = modify (\s -> s { windowset = (windowset s)
{ W.current = (W.current $ windowset s)
{ W.workspace = (W.workspace $ W.current $ windowset s) { W.stack = x }}}})

112
nixos/system/desktop/home-manager/xmonad/TabbedFix.hs Normal file
View file

@ -0,0 +1,112 @@
{-# LANGUAGE MultiParamTypeClasses #-}
{-# LANGUAGE TypeSynonymInstances #-}
module TabbedFix (historyLayout, runAllPending) where
import Control.DeepSeq (force)
import qualified Data.List as L
import XMonad
import XMonad.Layout.LayoutModifier (LayoutModifier,
ModifiedLayout (ModifiedLayout),
modifyLayout)
import qualified XMonad.StackSet as W
import qualified XMonad.Util.ExtensibleState as ES
newtype PendingActions =
PendingActions [X ()]
instance ExtensionClass PendingActions where
initialValue = PendingActions []
addAction :: X () -> X ()
addAction x = ES.modify (\(PendingActions xs) -> PendingActions (x:xs))
runAllPending :: X ()
runAllPending = do
PendingActions actions <- ES.get
ES.put (PendingActions [])
sequence_ actions
newtype FocusHistory = FocusHistory {
getFocusHistory :: [Window]
} deriving (Read, Show, Typeable)
instance ExtensionClass FocusHistory where
initialValue = FocusHistory []
extensionType = PersistentExtension
data FocusLayout a = FocusLayout deriving (Read,Show,Typeable)
historyLayout :: l Window -> ModifiedLayout FocusLayout l Window
historyLayout = ModifiedLayout FocusLayout
instance LayoutModifier FocusLayout Window where
modifyLayout _ workspace rectangle = do
currentFocusedWindow <- getFocused
windowHistory <- getFocusHistory <$> ES.get
newWindow <- windowHistoryHook currentFocusedWindow
case newWindow of
Nothing -> runLayout workspace rectangle
Just window -> do
let currentStack = W.stack workspace
let lastFocusedWindow =
L.find (`elem` W.integrate' currentStack) windowHistory
let focusWindow windowToFocus =
until ((windowToFocus ==) . W.focus) W.focusUp' <$> currentStack
let newstack =
if window `elem` W.integrate' currentStack
then focusWindow window
else case lastFocusedWindow of
Just window' -> focusWindow window'
Nothing -> currentStack
modifyWindowSet (W.focusWindow window)
addAction $ do
maybe (return ()) makeBorderNormal currentFocusedWindow
windows id
runLayout workspace {W.stack = newstack} rectangle
windowHistoryHook :: Maybe Window -> X (Maybe Window)
windowHistoryHook Nothing = return Nothing
windowHistoryHook (Just currentFocusedWindow) = do
currentWindows <- gets $ W.index . windowset
windowHistory <- getFocusHistory <$> ES.get
withWindowSet $ \windowSet ->
case windowHistory of
[] -> do
ES.put $ FocusHistory [currentFocusedWindow]
return Nothing
(prevFocusedWindow:focusedWindows)
| prevFocusedWindow == currentFocusedWindow -> return Nothing
-- Previous focus was removed from windowSet focus on previous existing window in current windowSet
| prevFocusedWindow `notElem` currentWindows -> do
let windowHistory' = filter (`W.member` windowSet) focusedWindows
ES.put (FocusHistory $ force windowHistory')
return $ L.find (`elem` currentWindows) windowHistory'
-- Add current focus to windowHistory
| otherwise -> do
ES.put $
FocusHistory $
force $
currentFocusedWindow : L.delete currentFocusedWindow windowHistory
return Nothing
makeBorderRed :: Window -> X ()
makeBorderRed w =
withDisplay $ \d -> io $ do
setWindowBorder d w 0xff0000
-- wz1000: palo: btw, you will need to change the color in makeBorderNormal to your unfocused border color
makeBorderNormal :: Window -> X ()
makeBorderNormal w =
withDisplay $ \d -> io $ do
setWindowBorder d w 0x2b2b2b
makeBorderFocused :: Window -> X ()
makeBorderFocused w =
withDisplay $ \d -> io $ do
setWindowBorder d w 0xcccccc
getFocused :: X (Maybe Window)
getFocused = withWindowSet (return . W.peek)

12
nixos/system/desktop/home-manager/xmonad/current-project.nix Normal file
View file

@ -0,0 +1,12 @@
# created by cabal2nix
{ mkDerivation, base, deepseq, lib, xmonad, xmonad-contrib, xmonad-extras }:
mkDerivation {
pname = "palos-xmonad";
version = "0.1.0.0";
src = ./.;
isLibrary = false;
isExecutable = true;
executableHaskellDepends =
[ base deepseq xmonad xmonad-contrib xmonad-extras ];
license = lib.licenses.gpl3;
}

12
nixos/system/desktop/home-manager/xmonad/env.nix Normal file
View file

@ -0,0 +1,12 @@
{ pkgs ? import <nixpkgs> {
overlays = [
(self: super: {
haskellPackages = super.haskellPackages.override {
overrides = self: super: {
current-project = super.callPackage ./current-project.nix { };
};
};
})
];
} }:
pkgs.haskellPackages.current-project.env

14
nixos/system/desktop/home-manager/xmonad/lsp.nix Normal file
View file

@ -0,0 +1,14 @@
{ pkgs ? import <nixpkgs> { } }:
let
all-hies =
import (fetchTarball "https://github.com/infinisil/all-hies/tarball/master")
{ };
in pkgs.mkShell {
buildInputs = with pkgs; [
haskellPackages.hoogle
haskellPackages.hindent
haskellPackages.hlint
haskellPackages.stylish-haskell
(all-hies.selection { selector = p: { inherit (p) ghc865; }; })
];
}

31
nixos/system/desktop/home-manager/xmonad/palos-xmonad.cabal Normal file
View file

@ -0,0 +1,31 @@
cabal-version: 2.4
-- this is only here to satisfy my haskell mode in emacs
name: palos-xmonad
version: 0.1.0.0
license: GPL-3.0-only
license-file: LICENSE
author: Ingolf Wagner
maintainer: contact@ingolf-wagner.de
category: Graphics
executable palos-xmonad
main-is: Main.hs
other-extensions:
MultiParamTypeClasses
, TypeSynonymInstances
other-modules:
BoringWindows
, FloatKeys
, NixCommands
, SolarizedLight
, SubLayouts
, TabbedFix
build-depends: base
, xmonad
, containers
, deepseq
, xmonad-contrib
, xmonad-extras
default-language: Haskell2010

9
nixos/system/desktop/home-manager/xmonad/shell.nix Normal file
View file

@ -0,0 +1,9 @@
{ pkgs ? import <nixpkgs> { } }:
let
updateCabal = pkgs.writeShellScriptBin "update-cabal" # sh
''
cd ${toString ./.}
echo "# created by cabal2nix " > ${toString ./.}/current-project.nix
${pkgs.cabal2nix}/bin/cabal2nix . >> ${toString ./.}/current-project.nix
'';
in pkgs.mkShell { buildInputs = with pkgs; [ updateCabal cabal2nix ]; }

60
nixos/system/desktop/icecast.nix Normal file
View file

@ -0,0 +1,60 @@
# --------------------------------------------------
# How to use?
# * start the icecast
# * connect via mixxx to it.
# * add the podcast to mpd in the same network
# --------------------------------------------------
{ pkgs, config, lib, ... }:
let
user = "username";
password = "password";
mountPoint = "/radio.mp3";
maxListeners = 20;
in {
services.icecast = {
enable = true;
hostname = config.networking.hostName;
admin = {
user = "palo";
password = "palo";
};
# http://icecast.org/docs/icecast-2.4.1/config-file.html
extraConf = ''
<mount type="normal">
<mount-name>${mountPoint}</mount-name>
<username>${user}</username>
<password>${password}</password>
<max-listeners>${toString maxListeners}</max-listeners>
<max-listener-duration>3600</max-listener-duration>
<charset>UTF8</charset>
<public>1</public>
<stream-name>Palos Awesome Stream</stream-name>
<stream-description>Kick ass Tracks</stream-description>
<stream-url>https://ingolf-wagner.de</stream-url>
<genre>classical</genre>
<bitrate>320</bitrate>
<type>application/ogg</type>
<subtype>vorbis</subtype>
<hidden>1</hidden>
<burst-size>65536</burst-size>
<mp3-metadata-interval>4096</mp3-metadata-interval>
</mount>
'';
};
# use port which I can see in iptable -L -v -n
networking.firewall = {
allowedTCPPorts = [ config.services.icecast.listen.port ];
allowedUDPPorts = [ config.services.icecast.listen.port ];
};
# don't want to have the service running all the time
# ---------------------------------------------------
systemd.services.icecast.wantedBy = lib.mkForce [ ];
systemd.services.icecast.after = lib.mkForce [ ];
}

383
nixos/system/desktop/mail-stuff.nix Normal file
View file

@ -0,0 +1,383 @@
{ config, pkgs, lib, ... }:
let
passcmd = id: "${pkgs.pass}/bin/pass ${id}";
ticks = "''";
in {
# Maildir <-> Server communication
# --------------------------------
# mbsync: MailDir <-> IMAP
# msmtp: sendmail interface sending mails through your provider.
# client backend
# --------------
# notmuch: Tagdatabase for Emails
# muchsync: notmuch database synctool
# clients
# -------
# neomutt
home-manager.users.mainUser.accounts.email.accounts = {
palo_van_dalo-gmx = {
primary = false;
address = "palo_van_dalo@gmx.de";
aliases = [ ];
realName = "Ingolf Wagner";
userName = "palo_van_dalo@gmx.de";
passwordCommand = passcmd "mail/gmx/palo_van_dalo@gmx.de";
smtp = {
host = "smtp.gmx.net";
port = 465;
};
notmuch.enable = true;
msmtp = { enable = true; };
};
ingolf-wagner-gmx = {
primary = false;
address = "ingolf.wagner@gmx.de";
aliases = [ ];
realName = "Ingolf Wagner";
userName = "ingolf.wagner@gmx.de";
passwordCommand = passcmd "mail/gmx/ingolf.wagner@gmx.de";
smtp = {
host = "smtp.gmx.net";
port = 465;
};
notmuch.enable = true;
msmtp = { enable = true; };
};
pali_palo = {
primary = false;
address = "pali_palo@web.de";
aliases = [ ];
realName = "Ingolf Wagner";
userName = "pali_palo@web.de";
passwordCommand = passcmd "mail/web.de/pali_palo@web.de";
smtp = {
host = "smtp.web.de";
port = 465;
};
notmuch.enable = true;
msmtp = { enable = true; };
};
gmail = {
# for google accounts you have to allow 'less secure apps' in accounts.google.com
primary = true;
address = "palipalo9@googlemail.com";
aliases = [ ];
realName = "Ingolf Wagner";
userName = "palipalo9@googlemail.com";
passwordCommand = passcmd "mail/gmail/palipalo9@googlemail.com";
smtp = {
host = "smtp.gmail.com";
port = 465;
};
notmuch.enable = true;
msmtp = {
enable = true;
# msmtp --serverinfo --tls --tls-certcheck=off -a gmail
};
gpg = {
encryptByDefault = true;
signByDefault = true;
key = "42AC51C9482D0834CF488AF1389EC2D64AC71EAC";
};
};
terranix_org = {
primary = false;
address = "palo@terranix.org";
aliases = [ ];
realName = "Ingolf Wagner";
userName = "palo@terranix.org";
passwordCommand = passcmd "mail/namecheap/palo@terranix.org";
smtp = {
host = "mail.privateemail.com";
port = 465;
};
notmuch.enable = true;
msmtp = {
enable = true;
# msmtp --serverinfo --tls --tls-certcheck=off -a gmail
};
};
ingolf-wagner = {
primary = false;
address = "contact@ingolf-wagner.de";
aliases = [ ];
realName = "Ingolf Wagner";
userName = "contact@ingolf-wagner.de";
passwordCommand = passcmd "mail/siteground/contact@ingolf-wagner.de";
notmuch.enable = true;
smtp = {
host = "securees5.sgcpanel.com";
port = 587;
tls.useStartTls = true;
};
msmtp = {
enable = true;
# msmtp --serverinfo --tls --tls-certcheck=off -a ingolf-wagner
tls.fingerprint =
"F3:5C:9A:BF:82:35:78:AA:42:85:F5:D1:2A:08:B9:B4:56:6D:B7:BF:47:3B:37:B4:D8:B5:10:AE:0E:95:03:CD";
};
gpg = {
encryptByDefault = true;
signByDefault = true;
key = "42AC51C9482D0834CF488AF1389EC2D64AC71EAC";
};
};
};
# install mail programs
home-manager.users.mainUser.programs.msmtp.enable = true;
home-manager.users.mainUser.programs.notmuch.enable = true;
# enable html emails
home-manager.users.mainUser.home.file.".mailcap".text = ''
text/html; ${pkgs.elinks}/bin/elinks -dump ; copiousoutput;
'';
home-manager.users.mainUser.home.file.".muttrc".text = let
index_format = pkgs.writers.writeDash "index_format" ''
# http://www.mutt.org/doc/manual/#formatstrings
recipent="$(echo $1 | sed 's/[^,]*<\([^>]*\)[^,]*/ \1/g')"
echo "%4C %Z %?GI?%GI& ? %[%y-%m-%d %H:%M] %-20.20a %?M?(%3M)& ? %s %> $recipent %?g?%g?%"
'';
in ''
# gpg
set crypt_use_gpgme=yes
set crypt_autosign=yes
set crypt_verify_sig=yes
set crypt_replysign=yes
set crypt_replyencrypt=yes
set crypt_replysignencrypted=yes
# mutt is not smart enough to see if I have a key or not
#set crypt_autoencrypt = yes
set pgp_check_gpg_decrypt_status_fd
set pgp_use_gpg_agent = yes
set pgp_self_encrypt = yes # needs default key
set pgp_default_key = 42AC51C9482D0834CF488AF1389EC2D64AC71EAC
# read html mails
auto_view text/html
set mailcap_path = ~/.mailcap
# notmuch
set nm_default_uri="notmuch://$HOME/Maildir" # path to the maildir
set nm_record = yes
set nm_record_tags = "-inbox me archive"
set virtual_spoolfile=yes # enable virtual folders
set sendmail=${
pkgs.writers.writeBash "msmtp" ''
${pkgs.coreutils}/bin/tee >(${pkgs.notmuch}/bin/notmuch insert --create-folder +sent) | \
${pkgs.msmtp}/bin/msmtpq "$@"
''
}
set from="contact@ingolf-wagner.de"
#alternates ^.*@ingolf-wagner\.de$ ^.*@.*\.r$
set use_from=yes
set envelope_from=yes
set reverse_name
set sort=threads
set index_format="${index_format} %r |"
folder-hook 'Discourse.*' 'set sort=reverse-date'
virtual-mailboxes "INBOX" "notmuch://?query=(tag:inbox or (tag:sent and not tag:archive)) AND NOT tag:discourse AND NOT tag:muted AND NOT tag:list AND NOT tag:fraud AND NOT tag:junk"
virtual-mailboxes "Unread" "notmuch://?query=(tag:unread AND NOT tag:muted)"
virtual-mailboxes "Space left" "notmuch://?query=((tag:spaceleft OR tag:space-lef) AND NOT tag:muted)"
virtual-mailboxes "Sononym" "notmuch://?query=(tag:sononym AND NOT tag:muted)"
virtual-mailboxes "c-base" "notmuch://?query=(tag:cbase AND NOT tag:muted)"
virtual-mailboxes "shopping" "notmuch://?query=((tag:billing OR tag:shopping) AND NOT tag:muted)"
virtual-mailboxes "Immobilien" "notmuch://?query=(tag:immobilien AND NOT tag:muted)"
virtual-mailboxes "NixOS Github" "notmuch://?query=(tag:github AND tag:nixos AND NOT tag:muted)"
virtual-mailboxes "Discourse.all" "notmuch://?query=(tag:discourse AND NOT tag:muted)"
virtual-mailboxes "Discourse.development" "notmuch://?query=(tag:discourse AND tag:development AND NOT tag:muted)"
virtual-mailboxes "Discourse.announcements" "notmuch://?query=(tag:discourse AND tag:announcements AND NOT tag:muted)"
virtual-mailboxes "Discourse.links" "notmuch://?query=(tag:discourse AND tag:links AND NOT tag:muted)"
virtual-mailboxes "Discourse.games" "notmuch://?query=(tag:discourse AND tag:games AND NOT tag:muted)"
virtual-mailboxes "Discourse.meta" "notmuch://?query=(tag:discourse AND tag:meta AND NOT tag:muted)"
virtual-mailboxes "Discourse.events" "notmuch://?query=(tag:discourse AND tag:events AND NOT tag:muted)"
virtual-mailboxes "Flagged" "notmuch://?query=tag:flagged"
virtual-mailboxes "Archive" "notmuch://?query=tag:archive"
virtual-mailboxes "Sent" "notmuch://?query=tag:sent"
virtual-mailboxes "Fraud" "notmuch://?query=(tag:fraud)"
virtual-mailboxes "Junk" "notmuch://?query=(tag:junk)"
virtual-mailboxes "All" "notmuch://?query=*"
tag-transforms "junk" "k" \
"unread" "u" \
"replied" "" \
# notmuch bindings
bind index \\\\ noop
bind pager \\ noop
bind pager \\\\ noop
macro index \\\\ "<vfolder-from-query>" # looks up a hand made query
macro pager \\\\ "<vfolder-from-query>" # looks up a hand made query
macro index + "<modify-labels>+flagged\n<sync-mailbox>" # tag as starred
macro pager + "<modify-labels>+flagged\n<sync-mailbox>" # tag as starred
macro index ! "<modify-labels>+flagged\n<sync-mailbox>" # tag as starred
macro pager ! "<modify-labels>+flagged\n<sync-mailbox>" # tag as starred
macro index - "<modify-labels>-flagged\n<sync-mailbox>" # tag as unstarred
macro pager - "<modify-labels>-flagged\n<sync-mailbox>" # tag as unstarred
# Address Book
# ------------
set query_command="${pkgs.notmuch-addrlookup}/bin/notmuch-addrlookup --mutt '%s'"
# keys bindings
# -------------
bind index d noop
bind index D noop
bind pager d noop
bind pager D noop
macro index D "<modify-labels-then-hide>-inbox -unread +deleted\n" # tag as deleted mail
macro index d "<modify-labels>-deleted\n" # tag as deleted mail
macro pager D "<modify-labels-then-hide>-inbox -unread +deleted\n" # tag as deleted mail
macro pager d "<modify-labels>-deleted\n" # tag as deleted mail
bind index S noop
bind index s noop
bind pager S noop
bind pager s noop
macro index S "<modify-labels-then-hide>-inbox -unread +junk\n" # tag as junk mail
macro index s "<modify-labels>-junk\n" # tag as junk mail
macro pager S "<modify-labels-then-hide>-inbox -unread +junk\n" # tag as junk mail
macro pager s "<modify-labels>-junk\n" # tag as junk mail
bind index r noop
bind index R noop
bind pager r noop
bind pager R noop
macro index r "<group-reply>" # reply to all
macro index R "<reply>" # reply
macro pager r "<group-reply>" # reply to all
macro pager R "<reply>" # reply
bind index A noop
bind index a noop
bind pager A noop
bind pager a noop
macro index A "<modify-labels>+archive -unread -inbox\n" # tag as Archived
macro index a "<modify-labels>-archive\n" # tag as Archived
macro pager A "<modify-labels>+archive -unread -inbox\n" # tag as Archived
macro pager a "<modify-labels>-archive\n" # tag as Archived
bind index U noop
bind index u noop
bind pager U noop
bind pager u noop
macro index u "<modify-labels>+unread\n"
macro index U "<modify-labels>-unread\n"
macro pager u "<modify-labels>+unread\n"
macro pager U "<modify-labels>-unread\n"
bind index l noop
bind pager l noop
macro index l "<modify-labels>" # set tags manual
macro pager l "<modify-labels>" # set tags manual
# taskwarrior
# -----------
# from https://www.nixternal.com/mark-e-mails-in-mutt-as-tasks-in-taskwarrior/
bind index t noop
bind pager t noop
bind index T noop
bind pager T noop
macro index T "<pipe-message>${
pkgs.writers.writeDash "mutt2task" ''
${pkgs.taskwarrior}/bin/task add +email scheduled:today E-mail: $( ${pkgs.gnugrep}/bin/grep 'Subject' $* | awk -F: '{print $2}' )
''
}<enter>"
# top index bar in email view
set pager_index_lines=7
# top_index_bar toggle
macro pager ,@1 "<enter-command> set pager_index_lines=0; macro pager ] ,@2 'Toggle indexbar<Enter>"
macro pager ,@2 "<enter-command> set pager_index_lines=3; macro pager ] ,@3 'Toggle indexbar<Enter>"
macro pager ,@3 "<enter-command> set pager_index_lines=7; macro pager ] ,@1 'Toggle indexbar<Enter>"
macro pager ] ,@1 'Toggle indexbar
# sidebar
# -------
set sidebar_width = 20
set sidebar_visible = yes # set to "no" to disable sidebar view at startup
color sidebar_new yellow default
# sidebar bindings
bind index <left> sidebar-prev # got to previous folder in sidebar
bind index <right> sidebar-next # got to next folder in sidebar
bind index <space> sidebar-open # open selected folder from sidebar
# sidebar toggle
#macro index,pager ,@) "<enter-command> set sidebar_visible=no; macro index,pager [ ,@( 'Toggle sidebar'<Enter>"
#macro index,pager ,@( "<enter-command> set sidebar_visible=yes; macro index,pager [ ,@) 'Toggle sidebar'<Enter>"
#macro index,pager [ ,@( 'Toggle sidebar' # toggle the sidebar
'';
environment.systemPackages = let
mailSync = pkgs.writers.writeDashBin "mail-sync" ''
${pkgs.muchsync}/bin/muchsync mailfetcher@workhorse.private --nonew
'';
mailSend = pkgs.writers.writeDashBin "mail-send" ''
${pkgs.msmtp}/bin/msmtp-queue -r
'';
mailView = pkgs.writers.writeDashBin "mail-view" ''
${pkgs.neomutt}/bin/neomutt"$@"
'';
mutt = pkgs.writers.writeDashBin "mutt" ''
${pkgs.neomutt}/bin/neomutt"$@"
'';
mail = pkgs.writers.writeDashBin "mail" ''
${mailSync}/bin/mail-sync
${mailView}/bin/mail-view
${mailSend}/bin/mail-send
${mailSync}/bin/mail-sync
'';
mailDelete = let notmuch = "${pkgs.notmuch}/bin/notmuch";
in pkgs.writers.writeBashBin "mail-delete" ''
set -efu
set -o pipefail
if ! ${notmuch} search --exclude=false tag:deleted | tac ; then
echo 'No killed mail.'
exit 1
fi
printf 'want do rm this mail? \[y/N\] '
read REPLY
case "$REPLY" in
y|Y) :;; # continue
*)
echo 'abort.'
exit 2
;;
esac
${notmuch} search --output=files --exclude=false tag:deleted | while read line; do rm -v "$line" ; done
${notmuch} new
'';
in [
pkgs.notmuch
pkgs.muchsync
mail
mailSync
mailView
mailSend
pkgs.neomutt
mutt
mailDelete
];
}

343
nixos/system/desktop/mc.nix Normal file
View file

@ -0,0 +1,343 @@
{ config, pkgs, ... }:
let
mcExt = pkgs.writeText "mc.ext" ''
# gitfs changeset
regex/^\[git\]
Open=%cd %p/changesetfs://
View=%cd %p/patchsetfs://
### Archives ###
# .tgz, .tpz, .tar.gz, .tar.z, .tar.Z, .ipk, .gem
regex/\.t([gp]?z|ar\.g?[zZ])$|\.ipk$|\.gem$
Open=%cd %p/utar://
shell/.tar.bz
# Open=%cd %p/utar://
regex/\.t(ar\.bz2|bz2?|b2)$
Open=%cd %p/utar://
# .tar.lzma, .tlz
regex/\.t(ar\.lzma|lz)$
Open=%cd %p/utar://
# .tar.xz, .txz
regex/\.t(ar\.xz|xz)$
Open=%cd %p/utar://
# .tar.F - used in QNX
shell/.tar.F
# Open=%cd %p/utar://
# .qpr/.qpk - QNX Neutrino package installer files
regex/\.qp[rk]$
Open=%cd %p/utar://
# tar
shell/i/.tar
Open=%cd %p/utar://
# lha
type/^LHa\ .*archive
Open=%cd %p/ulha://
# arj
regex/i/\.a(rj|[0-9][0-9])$
Open=%cd %p/uarj://
# cab
shell/i/.cab
Open=%cd %p/ucab://
# ha
shell/i/.ha
Open=%cd %p/uha://
# rar
regex/i/\.r(ar|[0-9][0-9])$
Open=%cd %p/urar://
# ALZip
shell/i/.alz
Open=%cd %p/ualz://
# cpio
shell/.cpio.Z
Open=%cd %p/ucpio://
shell/.cpio.xz
Open=%cd %p/ucpio://
shell/.cpio.gz
Open=%cd %p/ucpio://
shell/i/.cpio
Open=%cd %p/ucpio://
# 7zip archives (they are not man pages)
shell/i/.7z
Open=%cd %p/u7z://
# patch
regex/\.(diff|patch)(\.bz2)$
Open=%cd %p/patchfs://
regex/\.(diff|patch)(\.(gz|Z))$
Open=%cd %p/patchfs://
# ls-lR
regex/(^|\.)ls-?lR(\.gz|Z|bz2)$
Open=%cd %p/lslR://
# trpm
shell/.trpm
Open=%cd %p/trpm://
# RPM packages (SuSE uses *.spm for source packages)
regex/\.(src\.rpm|spm)$
Open=%cd %p/rpm://
shell/.rpm
Open=%cd %p/rpm://
# deb
regex/\.u?deb$
Open=%cd %p/deb://
# dpkg
shell/.debd
Open=%cd %p/debd://
# apt
shell/.deba
Open=%cd %p/deba://
# ISO9660
shell/i/.iso
Open=%cd %p/iso9660://
regex/\.(diff|patch)$
Open=%cd %p/patchfs://
# ar library
regex/\.s?a$
Open=%cd %p/uar://
# gplib
shell/i/.lib
Open=%cd %p/ulib://
# Mailboxes
type/^ASCII\ mail\ text
Open=%cd %p/mailfs://
### Sources ###
# C/C++
regex/i/\.(c|cc|cpp)$
Include=editor
# C/C++ header
regex/i/\.(h|hh|hpp)$
Include=editor
# Fortran
shell/i/.f
Include=editor
# Assembler
regex/i/\.(s|asm)$
Include=editor
include/editor
Open=%var{EDITOR:${pkgs.vim}/bin/vim} %f
### Images ###
shell/i/.gif
Include=image
regex/i/\.jpe?g$
Include=image
shell/i/.bmp
Include=image
shell/i/.png
Include=image
shell/i/.jng
Include=image
shell/i/.mng
Include=image
shell/i/.tiff
Include=image
shell/.ico
Include=image
include/image
Open=${pkgs.sxiv}/bin/sxiv %f
View=${pkgs.sxiv}/bin/sxiv %f
### Sound files ###
regex/i/\.(wav|snd|voc|au|smp|aiff|snd|m4a|ape|aac|wv)$
Include=audio
regex/i/\.(mod|s3m|xm|it|mtm|669|stm|ult|far)$
Include=audio
shell/i/.waw22
Include=audio
shell/i/.mp3
Include=audio
regex/i/\.og[gax]$
Include=audio
regex/i/\.(spx|flac)$
Include=audio
regex/i/\.(midi?|rmid?)$
Include=audio
shell/i/.wma
Include=audio
include/audio
Open=${pkgs.mpv}/bin/mpv %f
View=${pkgs.mpv}/bin/mpv %f
### Video ###
shell/i/.avi
Include=video
regex/i/\.as[fx]$
Include=video
shell/i/.divx
Include=video
shell/i/.mkv
Include=video
regex/i/\.(mov|qt)$
Include=video
regex/i/\.(mp4|m4v|mpe?g)$
Include=video
# MPEG-2 TS container + H.264 codec
shell/i/.mts
Include=video
shell/i/.ts
Include=video
shell/i/.vob
Include=video
shell/i/.wmv
Include=video
regex/i/\.fl[icv]$
Include=video
shell/i/.ogv
Include=video
# WebM
shell/i/.webm
Include=video
type/WebM
Include=video
include/video
Open=${pkgs.mpv}/bin/mpv %f
View=${pkgs.mpv}/bin/mpv %f
### Documents ###
# PDF
shell/i/.pdf
Open=zathura %f
View=zathura %f
### Miscellaneous ###
# Makefile
regex/[Mm]akefile$
Open=make -f %f %{Enter parameters}
### Plain compressed files ###
# ace
shell/i/.ace
Open=%cd %p/uace://
Extract=unace x %f
# arc
shell/i/.arc
Open=%cd %p/uarc://
Extract=arc x %f '*'
Extract (with flags)=I=%{Enter any Arc flags:}; if test -n "$I"; then arc x $I %f; fi
# zip
shell/i/.zip
Open=%cd %p/uzip://
# zip
type/i/^zip\ archive
Open=%cd %p/uzip://
# jar(zip)
type/i/^Java\ Jar\ file\ data\ \(zip\)
Open=%cd %p/uzip://
# zoo
shell/i/.zoo
Open=%cd %p/uzoo://
### Default ###
# Default target for anything not described above
default/*
Open=vim %f
View=vim %f
'';
in {
environment.systemPackages = [
(pkgs.symlinkJoin {
name = "mc";
paths = [
(pkgs.writers.writeDashBin "mc" ''
export MC_DATADIR=${
pkgs.writers.write "mc-ext" {
"/mc.ext".link = mcExt;
"/sfs.ini".text = "";
}
};
export TERM=xterm-256color
exec ${pkgs.mc}/bin/mc -S xoria256 "$@"
'')
pkgs.mc
];
})
];
}

6
nixos/system/desktop/network.nix Normal file
View file

@ -0,0 +1,6 @@
{ config, pkgs, lib, ... }: {
system.custom.wifi = {
enable = true;
system = "networkmanager";
};
}

399
nixos/system/desktop/packages.nix Normal file
View file

@ -0,0 +1,399 @@
{ pkgs, config, lib, ... }:
with lib;
let
library = import ../../library { inherit pkgs lib; };
allLicenses = let
licenses = builtins.map
(license: "echo '${license.shortName} : ${license.fullName}'")
(builtins.attrValues pkgs.lib.licenses);
in pkgs.writers.writeBashBin "all-licenses"
(lib.concatStringsSep "\n" licenses);
#joplin = pkgs.joplin-desktop;
#joplin = pkgs.joplin-desktop;
joplin = pkgs.writers.writeBashBin "joplin" ''
if [[ ! -x "$HOME/programs/Joplin.AppImage" ]]
then
echo "$HOME/programs/Joplin.AppImage does not exist or is not executable";
exit 1
fi
exec ${pkgs.appimage-run}/bin/appimage-run "$HOME/programs/Joplin.AppImage"
'';
zettlr = pkgs.writers.writeBashBin "zettlr" ''
if [[ ! -x "$HOME/programs/Zettlr.AppImage" ]]
then
echo "$HOME/programs/Zettlr.AppImage does not exist or is not executable";
exit 1
fi
exec ${pkgs.appimage-run}/bin/appimage-run "$HOME/programs/Zettlr.AppImage"
'';
#zettlr = unstablePkgs.zettlr;
parseUrl = pkgs.writers.writeBashBin "parseUrl" ''
echo "$@" | \
${pkgs.jq}/bin/jq --raw-input --raw-output '
def parseURL: capture( "^((?<scheme>[^:/?#]+):)?(//(?<authority>(?<domain>[^/?#:]*)(:(?<port>[0-9]*))?))?((?<path>[^?#]*)\\?)?((?<query>([^#]*)))?(#(?<fragment>(.*)))?");
parseURL
'
'';
parseAndCopyLink = pkgs.writers.writeBashBin "parseAndCopyLink" ''
${parseUrl}/bin/parseUrl "$@" | \
${pkgs.jq}/bin/jq --raw-output '"\(.scheme)://\(.domain)\(.path)"' | \
${pkgs.xclip}/bin/xclip
'';
replaceLinks = pkgs.writers.writeBashBin "replace-link-with-content" # sh
''
if [ ! -L "$1" ]
then
echo "$1 does not exist or is not a file"
exit 1
fi
cp -rL "$1" "$1.backup"
unlink "$1"
mv "$1.backup" "$1"
'';
pandocScript = { inputFormat, outputFormat }:
pkgs.writers.writeDashBin "pandoc-from-${inputFormat}-to-${outputFormat}" ''
${pkgs.pandoc}/bin/pandoc \
--from ${inputFormat} \
--to ${outputFormat} \
--standalone \
"$@"
'';
connectToSpeaker = name: id:
pkgs.writeShellScriptBin "connect-to-speaker-${name}" # sh
''
# hacky script because I have problems with
# automatically connecting to trusted bluetooth devices.
echo "Connect to Speaker ${name}"
bluetoothctl <<EOF
power on
agent on
scan on
connect ${id}
EOF
'';
disconnectToSpeaker = name: id:
pkgs.writeShellScriptBin "disconnect-from-speaker-${name}" # sh
''
# hacky script because I have problems with
# automatically connecting to trusted bluetooth devices.
echo "Disconnect from Speaker ${name}"
bluetoothctl <<EOF
disconnect ${id}
scan off
agent off
power off
EOF
'';
borrow = pkgs.writers.writeDashBin "borrow" # sh
''
TERM=xterm-mono ${pkgs.hledger-ui}/bin/hledger-ui --file ~/finance/.hledger-borrow "$@"
'';
bank-report = pkgs.writers.writeDashBin "bank-report" # sh
''
${pkgs.hledger}/bin/hledger --file ~/finance/hledger/all.journal balance -M -B date:$(date +%Y-%m -d 'last year')..
${pkgs.hledger}/bin/hledger --file ~/finance/hledger/all.journal balance -M -B date:$(date +%Y-%m -d 'last year').. --depth 1
'';
bank = pkgs.writers.writeDashBin "bank" # sh
''
${pkgs.hledger-ui}/bin/hledger-ui --file ~/finance/hledger/all.journal
'';
bank-old = year:
pkgs.writers.writeDashBin "bank-${year}" # sh
''
TERM=xterm-mono ${pkgs.hledger-ui}/bin/hledger-ui --file ~/finance/hledger/${year}.journal "$@"
'';
irc = pkgs.writers.writeDashBin "irc" # sh
''
${pkgs.mosh}/bin/mosh workhorse.private -- sudo -u weechat -- screen -rd
'';
insertCopyq = pkgs.writers.writeDashBin "insertCopyq" # sh
''
${pkgs.copyq}/bin/copyq read 0 | ${pkgs.xdotool}/bin/xdotool type -f -
'';
weight = pkgs.writeShellScriptBin "weight" ''
if [[ $# -eq 1 ]]
then
weight=$1
echo "weight : $weight"
else
echo
echo -n " weight : "
read weight
fi
echo
${pkgs.curl}/bin/curl \
-H "Content-Type: application/json" \
-XPOST "http://workout.private:9200/health/weight" \
-d '{ "weight" : '$weight', "date": "'$( ${pkgs.coreutils}/bin/date -Iseconds )'" }'
'';
isoToUtf8 = pkgs.writers.writeBashBin "iso-to-utf8" ''
input="$1"
TMP=$(mktemp)
${pkgs.glibc.bin}/bin/iconv -f ISO-8859-1 "$input" -t UTF-8 -o "$TMP"
mv "$TMP" "$input"
'';
in {
# ffmpeg scripts to encode movies
programs.custom.ffmpeg.enable = true;
# gnupg setup
programs.gnupg.agent.enable = true;
programs.gnupg.agent.enableSSHSupport = true;
programs.gnupg.agent.enableExtraSocket = true;
environment.systemPackages = with pkgs;
let
connectToMyPortable = connectToSpeaker "my-portable" "37:F0:17:2F:B6:84";
disconnectToMyPortable =
disconnectToSpeaker "my-portable" "37:F0:17:2F:B6:84";
connectToBrullrohre = connectToSpeaker "brullrohre" "FC:A8:9A:ED:B8:FA";
disconnectToBrullrohre =
disconnectToSpeaker "brullrohre" "FC:A8:9A:ED:B8:FA";
in [
uget
#zettlr
#(library.desktopFile zettlr { longName = "Zettlr"; })
joplin
(library.desktopFile joplin { longName = "Joplin"; })
zim
weight
connectToMyPortable
(library.desktopFile connectToMyPortable { longName = "Bluetooth"; })
disconnectToMyPortable
(library.desktopFile disconnectToMyPortable { longName = "Bluetooth"; })
connectToBrullrohre
(library.desktopFile connectToBrullrohre { longName = "Bluetooth"; })
disconnectToBrullrohre
(library.desktopFile disconnectToBrullrohre { longName = "Bluetooth"; })
#antimony
#(library.desktopFile antimony { longName = "CAD Software"; command = "antimony"; })
parted
insertCopyq
(library.desktopFile insertCopyq {
longName = "type what is on top of the copyq";
command = "insertCopyq";
})
isoToUtf8
hledger
hledger-ui
borrow
bank
bank-report
(bank-old "2021")
(bank-old "2020")
irc
manpages
emo
(library.desktopFile emo {
longName = "Emoji Inserter";
command = "emoticons";
})
bat
zlib # ???
cabal-install
ghc
cabal2nix
psmisc # contains killall
pmount
nix-prefetch-scripts
ipcalc
nmap
libreoffice
hunspell
hunspellDicts.de-de
hunspellDicts.en-us
aspell
aspellDicts.de
aspellDicts.en
aspellDicts.es
translate-shell
borgbackup
gpa
gnupg
sshuttle
sshfs
mosh
dosfstools
copyq
# radio-dj
cups
xfe # filemanager
evince
sxiv
(library.desktopFile sxiv {
longName = "Image Viewer";
command = "sxiv";
})
calibre
transmission-remote-gtk
mpv
# cantata
ncmpcpp
(pkgs.dragon-drop.overrideAttrs (old: rec {
pname = "dragon-drop";
version = "1.1.1";
src = fetchFromGitHub {
owner = "mwh";
repo = "dragon";
rev = "v${version}";
sha256 = "0fgzz39007fdjwq72scp0qygp2v3zc5f1xkm0sxaa8zxm25g1bra";
};
}))
dino # jabber client
nixos-generators
shellcheck
bind.dnsutils
hexyl
testssl
trash-cli
nix-review
units
(writeShellScriptBin "ingdiba-security" ''
first=$1
second=$2
if [[ $# -ne 2 ]]
then
echo "need 2 arguments"
exit 1
fi
pass bank/ingdiba/security_key | cut -c$first,$second
'')
(writeShellScriptBin "ingdiba-tans" ''
first=$1
if [[ $# -ne 1 ]]
then
echo "need 1 arguments"
exit 1
fi
pass bank/ingdiba/tans-01 | cut -f$first -d '
'
'')
nix-index
nethogs
netsniff-ng
iftop
wireguard
ffmpeg
(writeShellScriptBin "shrink-exports"
(fileContents ../../assets/shrink_exports))
(writeShellScriptBin "music-making"
(fileContents ../../assets/music-making.sh))
replaceLinks
youtube-dl
#image-generator
cairo
w3m
links
lynx
# temperature
s-tui
(pkgs.writers.writeDashBin "temperature" ''
${pkgs.s-tui}/bin/s-tui
'')
powertop
(pkgs.writers.writeBashBin "youtube-download-music" ''
${pkgs.youtube-dl}/bin/youtube-dl \
--extract-audio \
--audio-format vorbis \
--audio-quality 0 \
"$@"
'')
allLicenses
memo
nixfmt
dateutils
parseUrl
parseAndCopyLink
# needed for pycairo (in venv)
pkgconf
cairo
# etc-info stuff
(pkgs.writers.writeDashBin "etc-info-sync" (lib.concatStringsSep "\n"
(map (host: "rsync -avLz ${host}.private:/etc/info/ ~/.etc_info")
(attrNames config.module.cluster.services.tinc."private".hosts))))
] ++ (map pandocScript (lib.cartesianProductOfSets {
inputFormat = [ "man" "markdown" "mediawiki" ];
outputFormat = [ "mediawiki" "docbook5" "html5" "man" ];
})) # ++ (map (search:
#pkgs.writers.writeDashBin "reddit-${search}" ''
# ${unstablePkgs.tuir}/bin/tuir -s ${search} "$@"
#'') [ "nixos" "systemdUltras" "terraform" ])
;
}

40
nixos/system/desktop/pass.nix Normal file
View file

@ -0,0 +1,40 @@
{ lib, pkgs, ... }:
with lib;
let
# desktop file
# ------------
# makes it possible to be used by other programs
desktopFile = name: bin:
pkgs.writeTextFile {
name = "${name}.desktop";
destination = "/share/applications/${name}.desktop";
text = ''
[Desktop Entry]
Categories=Application;Utility;
Comment=password dialog
Encoding=UTF-8
Exec=${bin}
Icon=gnome-lockscreen
Name=${name}
Terminal=false
Type=Application
'';
};
in {
environment.systemPackages = [
pkgs.pass-otp
(desktopFile "passmenu" "${pkgs.pass-otp}/bin/passmenu --type -l 10")
# todo ein script machen was hier tut
# zbarimg -q --raw 2018-12-18-114509.png | pass otp insert mindcurv/cloudamqp/otp
pkgs.zbar
pkgs.otpmenu
];
}

18
nixos/system/desktop/remote-install.nix Normal file
View file

@ -0,0 +1,18 @@
{ pkgs, ... }: {
services.tor = {
enable = true;
client.enable = true;
relay.onionServices.liveos.map = [{ port = 1337; }];
};
environment.systemPackages = [
(pkgs.writeShellScriptBin "remote-install-start-service" ''
echo "starting announcment server to receive remote-install iso onion id"
${pkgs.nmap}/bin/ncat -k -l -p 1337
'')
(pkgs.writeShellScriptBin "remote-install-get-hiddenReceiver" ''
sudo cat /var/lib/tor/onion/liveos/hostname
'')
];
}

28
nixos/system/desktop/size.nix Normal file
View file

@ -0,0 +1,28 @@
{ config, lib, pkgs, ... }:
with lib;
let
cfg = config.configuration.desktop;
in {
options.configuration.desktop = {
height = mkOption {
default = 900;
type = with types; int;
description = ''
height of the dektop monitor
'';
};
width = mkOption {
default = 1600;
type = with types; int;
description = ''
width of the desktop monitor
'';
};
};
}

6
nixos/system/desktop/sshd.nix Normal file
View file

@ -0,0 +1,6 @@
{ config, ... }: {
# make sure ssh is only available trough the tinc
networking.firewall.extraCommands = ''
iptables --table nat --append PREROUTING ! --in-interface tinc.+ --protocol tcp --match tcp --dport 22 --jump REDIRECT --to-ports 0
'';
}

37
nixos/system/desktop/suspend.nix Normal file
View file

@ -0,0 +1,37 @@
{ pkgs, config, lib, ... }:
with lib;
let
cfg = config.system.custom.suspend;
in {
options.system.custom.suspend.enable = mkEnableOption "use xlock in suspend";
config = mkIf cfg.enable {
systemd.services.screenlock = {
before = [ "sleep.target" ];
requiredBy = [ "sleep.target" ];
environment = let
display = if (config.services.xserver.display != null) then
config.services.xserver.display
else
0;
in { DISPLAY = ":${toString display}"; };
script = ''
${pkgs.xlockmore}/bin/xlock -mode life1d -size 1 &
sleep 1
'';
serviceConfig = {
SyslogIdentifier = "screenlock";
#Type = "simple";
Type = "forking";
User = config.users.users.mainUser.name;
};
};
services.logind.lidSwitch = "suspend";
};
}

11
nixos/system/desktop/user.nix Normal file
View file

@ -0,0 +1,11 @@
{ config, lib, pkgs, ... }: {
programs.custom.zsh.mainUser = config.users.users.mainUser.name;
system.custom.mainUser = {
enable = true;
userName = lib.mkDefault "palo";
authorizedKeyFiles =
config.users.users.root.openssh.authorizedKeys.keyFiles;
};
}

408
nixos/system/desktop/wtf.nix Normal file
View file

@ -0,0 +1,408 @@
{ pkgs, lib, config, ... }:
let
networkStatus = let
q-online = ''
if ${pkgs.curl}/bin/curl -s google.com >/dev/null; then
echo 'status: online'
else
echo 'status: offline '
fi
'';
q-wireless = ''
for dev in $(
${pkgs.iw}/bin/iw dev \
| ${pkgs.gnused}/bin/sed -n 's/^\s*Interface\s\+\([0-9a-z]\+\)$/\1/p'
); do
inet=$(${pkgs.iproute}/bin/ip addr show $dev \
| ${pkgs.gnused}/bin/sed -n 's/.*inet \([0-9]\+\.[0-9]\+\.[0-9]\+\.[0-9]\+\).*/\1/p') \
|| unset inet
ssid=$(${pkgs.iw}/bin/iw dev $dev link \
| ${pkgs.gnused}/bin/sed -n 's/.*\tSSID: \(.*\)/\1/p' \
| ${pkgs.coreutils}/bin/tr -d '\r') \
|| unset ssid
printf '%s: %s %s\n' $dev ''${inet+ $inet} ''${ssid+ $ssid}
done
'';
in pkgs.writers.writeBash "network-status" ''
${q-wireless}
${q-online}
${pkgs.coreutils}/bin/uptime
'';
taskNextWeek = pkgs.writers.writeDash "taskweek" ''
${pkgs.taskwarrior}/bin/task \
export \
status:pending and \( due.before:7days and due.after:today \) \
| ${pkgs.jq}/bin/jq '[.[] | { Day: .due, ID: .id, Description: .description | sub("\n.*";"")} ] | sort_by(.Day)' \
| ${pkgs.miller}/bin/mlr --ijson --opprint put '$Day = strftime(strptime($Day,"%Y%m%dT%H%M%SZ")'$(date +%z)'00,"%a")'
'';
activeTasks = pkgs.writers.writeBash "active-tasks" ''
${pkgs.taskwarrior}/bin/task export +checklist status:pending +READY | \
${pkgs.jq}/bin/jq \
--raw-output '
sort_by(.description) | reverse |
.[] |
"[ \( .id ) ] \( .description )"
'
echo
${pkgs.taskwarrior}/bin/task export \
+ACTIVE status:pending \
| ${pkgs.jq}/bin/jq --raw-output '.[] | " \(.id) \(.description)"'
'';
userHighlight = map ({ user, ... }: user)
(builtins.attrValues config.programs.custom.browser.configList)
++ [ "steam" ];
activeUsers = pkgs.writers.writeBash "active-users" ''
${pkgs.procps}/bin/ps -eo user \
| ${pkgs.gnused}/bin/sed '1 d' \
| ${pkgs.coreutils}/bin/sort \
| ${pkgs.coreutils}/bin/uniq \
| ${pkgs.gnugrep}/bin/egrep --color=always '(${
pkgs.lib.concatStringsSep "|" userHighlight
})|$'
'';
# default settings
wtfModule =
args@{ height ? 1, width ? 1, top, left, enabled ? true, type, ... }:
{
enabled = enabled;
focusable = false;
position.top = top;
position.left = left;
position.height = height;
position.width = width;
} // (lib.filterAttrs
(key: _: lib.all (x: x != key) [ "height" "width" "top" "left" ]) args);
# command runner module
cmdRunner = args@{ cmd, ... }:
wtfModule ({
type = "cmdrunner";
focusable = false;
refreshInterval = 300;
} // args);
modules = {
inherit cmdRunner;
# not working: had no time to investigate
#digitalclock = args@{ top, left, ... }:
# wtfModule ({
# type = "digitalclock";
# title = "";
# color = "white";
# font = "bigfont";
# hourFormat = 24;
# refreshInterval = 1;
# } // args);
digitalclock = args@{ top, left, ... }:
cmdRunner ({
cmd = pkgs.writers.writeDash "clock" ''
${pkgs.toilet}/bin/toilet --font future `${pkgs.coreutils}/bin/date +"%a %H:%M"`
${pkgs.coreutils}/bin/date +"%B %d %Y"
'';
title = "";
refreshInterval = 30;
} // args);
clocks = args@{ top, left, ... }:
wtfModule ({
type = "clocks";
title = "";
border = false;
colors.rows = {
even = "white";
odd = "white";
};
locations = {
Berlin = "Europe/Berlin";
Brazil = "America/Fortaleza";
Wellington = "Pacific/Auckland";
};
sort = "alphabetical";
refreshInterval = 60;
} // args);
resourceusage = args@{ top, left, ... }:
wtfModule ({
type = "resourceusage";
title = "";
cpuCombined = false;
refreshInterval = 5;
} // args);
power = args@{ top, left, ... }:
wtfModule ({
type = "power";
title = "";
refreshInterval = 100;
} // args);
prettyweather = args@{ top, left, ... }:
wtfModule ({
type = "prettyweather";
title = "";
city = "Essen";
unit = "m";
view = 0;
language = "en";
refreshInterval = 3600;
} // args);
feedreader = args@{ top, left, feeds, ... }:
wtfModule ({
type = "feedreader";
title = "";
refreshInterval = 3600;
focusable = true;
#feedLimit = 10;
colors.rows = {
even = "white";
odd = "white";
};
} // args);
github = args@{ top, left, username, apiKey, ... }:
wtfModule ({
type = "github";
title = "";
refreshInterval = 3600;
feedlimit = 10;
enableStatus = true;
# customQueries:
# othersPRs:
# title: "Others Pull Requests"
# filter: "is:open is:pr -author:wtfutil"
# repositories:
# - "wtfutil/wtf"
# - "wtfutil/docs"
# - "umbrella-corp/wesker-api"
} // args);
};
newsJson = {
wtf = {
term = "rxvt-unicode-256color";
colors.border = {
focusable = "darkslateblue";
focused = "orange";
normal = "green";
};
grid = {
columns = [ 28 0 0 ];
rows = [ 9 9 9 9 9 9 0 ];
};
refreshInterval = 1;
mods = with modules; {
clock = digitalclock {
top = 0;
left = 0;
};
weather = prettyweather {
top = 1;
left = 0;
};
# feeds
hackernews = feedreader {
title = "Hacker News";
top = 0;
left = 1;
height = 3;
feeds = [ "https://news.ycombinator.com/rss" ];
};
lopster = feedreader {
title = "Lopsters";
top = 0;
left = 2;
height = 3;
feeds = [ "https://lobste.rs/rss" ];
};
hackernews_tools = feedreader {
title = "Hacker News Tools";
top = 4;
left = 1;
height = 1;
feeds =
[ "https://latesthackingnews.com/category/hacking-tools/feed/" ];
};
nixos = feedreader {
title = "NixOS Weekly";
top = 3;
left = 1;
height = 1;
feeds = [ "https://weekly.nixos.org/feeds/all.rss.xml" ];
};
taskwarrior = feedreader {
title = "Taskwarrior";
top = 3;
left = 2;
height = 1;
feeds = [ "https://taskwarrior.org/feed.rss" ];
};
#github = github {
# username = "mrVanDalo";
# apiKey = "";
# repositories = [
# "nixos/nixpkgs"
# ];
#};
};
};
};
qJson = {
wtf = {
term = "rxvt-unicode-256color";
colors.border = {
focusable = "darkslateblue";
focused = "orange";
normal = "green";
};
grid = {
columns = [ 33 12 28 36 0 ];
rows = [ 9 3 7 6 0 ];
};
refreshInterval = 1;
mods = with modules; {
digitalclock = digitalclock {
top = 0;
left = 0;
};
clocks = clocks {
top = 1;
left = 0;
};
top = resourceusage {
top = 0;
left = 1;
width = 2;
};
power = power {
top = 2;
left = 0;
};
rates = wtfModule {
type = "exchangerates";
top = 3;
left = 0;
title = "rates";
rates.IDR = [ "EUR" ];
rates.EUR = [ "IDR" ];
refreshInterval = 3600;
};
weather = prettyweather {
top = 0;
left = 3;
};
calendar = cmdRunner {
title = "";
args = [ "-3" "--monday" "--color=never" "-w" ];
cmd = "cal";
top = 1;
left = 1;
height = 2;
width = 3;
refreshInterval = 3600;
};
active-users = cmdRunner {
title = "users";
cmd = activeUsers;
top = 0;
left = 4;
height = 4;
width = 1;
refreshInterval = 30;
};
active-tasks = cmdRunner {
title = "active tasks";
cmd = activeTasks;
top = 4;
left = 2;
height = 1;
width = 3;
refreshInterval = 60;
};
next-week-tasks = cmdRunner {
title = "upcoming";
cmd = taskNextWeek;
top = 4;
left = 0;
height = 1;
width = 2;
refreshInterval = 60;
};
network-status = cmdRunner {
title = "network status";
cmd = networkStatus;
top = 3;
left = 1;
height = 1;
width = 3;
refreshInterval = 60;
};
uptime = cmdRunner {
enabled = false;
title = "uptime";
cmd = "uptime";
top = 3;
left = 1;
height = 1;
width = 3;
};
};
};
};
createDashboard = { json, name }:
let configuration = pkgs.writeText "config.yml" (builtins.toJSON json);
in pkgs.writers.writeBashBin name ''
${pkgs.unstable.wtf}/bin/wtfutil --config=${toString configuration}
'';
in {
services.upower.enable = true;
environment.systemPackages = [
pkgs.unstable.wtf
(createDashboard {
json = qJson;
name = "q";
})
(createDashboard {
json = newsJson;
name = "news";
})
#activeUsers
#activeTasks
pkgs.upower
];
}

24
nixos/system/desktop/x11.nix Normal file
View file

@ -0,0 +1,24 @@
{ config, pkgs, lib, ... }: {
environment.systemPackages = with pkgs; [ xclip xtrlock-pam xorg.xev ];
system.custom.x11 = {
enable = lib.mkDefault true;
autoLoginUser = config.users.users.mainUser.name;
};
system.custom.fonts.enable = true;
# xinput list < to show devices
# https://unix.stackexchange.com/questions/90572/how-can-i-set-mouse-sensitivity-not-just-mouse-acceleration
#services.xserver.displayManager.sessionCommands = let
# mouseSpeed = name: speed: ''
# ${pkgs.xlibs.xinput}/bin/xinput set-prop "${name}" "Coordinate Transformation Matrix" ${
# toString speed
# } 0 0 0 ${toString speed} 0 0 0 1 || true
# '';
#in lib.concatStringsSep "\n"
#[ (mouseSpeed "Logitech Gaming Mouse G400" 3.1) ];
}

36
nixos/system/desktop/xlock.nix Normal file
View file

@ -0,0 +1,36 @@
{ lib, pkgs, ... }:
with lib;
let
name = "lock";
# desktop file
# ------------
# makes it possible to be used by other programs
desktopFile = pkgs.writeTextFile {
name = "${name}.desktop";
destination = "/share/applications/${name}.desktop";
text = ''
[Desktop Entry]
Categories=Application;Utility;
Comment=Screen Saver
Encoding=UTF-8
Exec=${lockProgram}/bin/${name}
Icon=gnome-lockscreen
Name=${name}
Terminal=false
Type=Application
'';
};
# the lock program
lockProgram = pkgs.writeShellScriptBin "${name}" ''
${pkgs.xlockmore}/bin/xlock -mode life1d -size 1
'';
in {
environment.systemPackages = [ lockProgram desktopFile ];
}

57
nixos/system/desktop/yubikey.nix Normal file
View file

@ -0,0 +1,57 @@
# References:
# * https://github.com/drduh/YubiKey-Guide
# * https://nixos.wiki/wiki/Yubikey
{ config, pkgs, ... }: {
services.pcscd.enable = true;
services.udev.packages = [
pkgs.yubikey-personalization
# additional services, but I just want gpg
# pkgs.libu2f-host
];
environment.systemPackages = [
# for `gpg --export $keyid | hokey lint` to check keys
#pkgs.haskellPackages.hopenpgp-tools
# for otp keys (but I use pass otp)
# pkgs.yubioath-desktop
(pkgs.writers.writeDashBin "gpg-reset-yubikey-id" ''
echo "reset gpg to make new key available"
set -x
set -e
${pkgs.psmisc}/bin/killall gpg-agent
rm -r ~/.gnupg/private-keys-v1.d/
echo "now the new key should work"
'')
];
# use gpg for ssh
# ---------------
environment.shellInit = ''
export GPG_TTY="$(tty)"
gpg-connect-agent /bye
export SSH_AUTH_SOCK="/run/user/$UID/gnupg/S.gpg-agent.ssh"
'';
programs = {
ssh.startAgent = false;
gnupg.agent = {
enable = true;
enableSSHSupport = true;
};
};
# use for pam (sudo)
# --------------------------
security.pam.u2f.enable = true;
security.pam.u2f.authFile =
toString config.sops.secrets.yubikey_u2fAuthFile.path;
sops.secrets.yubikey_u2fAuthFile = { };
}

13
nixos/system/proxy/default.nix Normal file
View file

@ -0,0 +1,13 @@
{ config, lib, pkgs, ... }: {
imports = [
<system/all>
<system/server/netdata.nix>
<system/server/graylog-exporter.nix>
<system/server/prometheus-exporters.nix>
];
services.sshguard.enable = true;
}

23
nixos/system/server/default.nix Normal file
View file

@ -0,0 +1,23 @@
{ config, lib, pkgs, ... }: {
imports = [
<system/all>
./netdata.nix
./initssh.nix
./graylog-exporter.nix
./prometheus-exporters.nix
./packages.nix
];
# make sure laptops stay awake when closing the montior
services.logind.lidSwitch = "ignore";
powerManagement.enable = false;
powerManagement.scsiLinkPolicy = "min_power";
# config vim
programs.custom.vim.enable = true;
services.locate.enable = true;
}

139
nixos/system/server/graylog-exporter.nix Normal file
View file

@ -0,0 +1,139 @@
{ lib, ... }: {
# send data to graylog
services.SystemdJournal2Gelf.enable = lib.mkDefault false;
services.SystemdJournal2Gelf.graylogServer = "workhorse.private:11201";
services.journalbeat = {
enable = true;
# https://docs.graylog.org/en/4.0/pages/sending/journald.html
extraConfig = ''
journalbeat.inputs:
# Paths that should be crawled and fetched. Possible values files and directories.
# When setting a directory, all journals under it are merged.
# When empty starts to read from local journal.
- paths: []
# The number of seconds to wait before trying to read again from journals.
#backoff: 1s
# The maximum number of seconds to wait before attempting to read again from journals.
#max_backoff: 20s
# Position to start reading from journal. Valid values: head, tail, cursor
seek: tail
# Fallback position if no cursor data is available.
#cursor_seek_fallback: tail
# Exact matching for field values of events.
# Matching for nginx entries: "systemd.unit=nginx"
#include_matches: []
output.logstash:
# Boolean flag to enable or disable the output module.
enabled: true
# Graylog host and the beats input
hosts: ["workhorse.private:5044"]
# Number of workers per Graylog host.
#worker: 1
# Set gzip compression level.
#compression_level: 3
# Configure escaping HTML symbols in strings.
#escape_html: false
# Optional maximum time to live for a connection to Graylog, after which the
# connection will be re-established. A value of `0s` (the default) will
# disable this feature.
#
# Not yet supported for async connections (i.e. with the "pipelining" option set)
ttl: 30s
# Optionally load-balance events between Graylog hosts. Default is false.
#loadbalance: false
# If enabled only a subset of events in a batch of events is transferred per
# transaction. The number of events to be sent increases up to `bulk_max_size`
# if no error is encountered.
slow_start: true
# The number of seconds to wait before trying to reconnect to Graylog
# after a network error. After waiting backoff.init seconds, the Beat
# tries to reconnect. If the attempt fails, the backoff timer is increased
# exponentially up to backoff.max. After a successful connection, the backoff
# timer is reset. The default is 1s.
backoff.init: 1s
# The maximum number of seconds to wait before attempting to connect to
# Graylog after a network error. The default is 60s.
backoff.max: 60s
# SOCKS5 proxy server URL
#proxy_url: socks5://user:password@socks5-server:2233
# Resolve names locally when using a proxy server. Defaults to false.
#proxy_use_local_resolver: false
# Enable SSL support. SSL is automatically enabled if any SSL setting is set.
#ssl.enabled: true
# Configure SSL verification mode. If `none` is configured, all server hosts
# and certificates will be accepted. In this mode, SSL based connections are
# susceptible to man-in-the-middle attacks. Use only for testing. Default is
# `full`.
#ssl.verification_mode: full
# List of supported/valid TLS versions. By default all TLS versions from 1.1
# up to 1.3 are enabled.
#ssl.supported_protocols: [TLSv1.1, TLSv1.2, TLSv1.3]
# Optional SSL configuration options. SSL is off by default.
# List of root certificates for HTTPS server verifications
#ssl.certificate_authorities: ["/etc/pki/root/ca.pem"]
# Certificate for SSL client authentication
#ssl.certificate: "/etc/pki/client/cert.pem"
# Client certificate key
#ssl.key: "/etc/pki/client/cert.key"
# Optional passphrase for decrypting the Certificate Key.
#ssl.key_passphrase:
# Configure cipher suites to be used for SSL connections
#ssl.cipher_suites: []
# Configure curve types for ECDHE-based cipher suites
#ssl.curve_types: []
# Configure what types of renegotiation are supported. Valid options are
# never, once, and freely. Default is never.
#ssl.renegotiation: never
# Configure a pin that can be used to do extra validation of the verified certificate chain,
# this allow you to ensure that a specific certificate is used to validate the chain of trust.
#
# The pin is a base64 encoded string of the SHA-256 fingerprint.
#ssl.ca_sha256: ""
# The number of times to retry publishing an event after a publishing failure.
# After the specified number of retries, the events are typically dropped.
# Some Beats, such as Filebeat and Winlogbeat, ignore the max_retries setting
# and retry until all events are published. Set max_retries to a value less
# than 0 to retry until all events are published. The default is 3.
#max_retries: 3
# The maximum number of events to bulk in a single Graylog request. The
# default is 2048.
bulk_max_size: 2048
# The number of seconds to wait for responses from the Graylog server before
# timing out. The default is 30s.
#timeout: 30s
'';
};
}

105
nixos/system/server/initssh.nix Normal file
View file

@ -0,0 +1,105 @@
{ config, lib, pkgs, ... }:
with lib;
let
cfg = config.configuration.init-ssh;
in {
options.configuration.init-ssh = {
enable = mkOption {
default = "disable";
type = with types; enum [ "disable" "prepare" "enabled" ];
};
kernelModules = mkOption {
type = with types; listOf str;
description =
"lspci -v will tell you which kernel module is used for the ethernet interface";
};
port = mkOption {
default = 23;
type = with types; int;
};
authorizedKeys = mkOption {
type = with types; listOf str;
default = config.users.users.root.openssh.authorizedKeys.keys
++ (map (keyFile: lib.fileContents keyFile)
config.users.users.root.openssh.authorizedKeys.keyFiles);
};
hostKey = mkOption {
default = "/etc/ssh/ssh_host_ed25519_key";
type = with types; path;
description = ''
To generate keys, use ssh-keygen(1):
# ssh-keygen -t rsa -N "" -f /etc/secrets/initrd/ssh_host_rsa_key
# ssh-keygen -t ed25519 -N "" -f /etc/secrets/initrd/ssh_host_ed25519_key
'';
};
};
config = mkMerge [
(mkIf (cfg.enable != "disable") {
services.tor = {
enable = true;
client.enable = true;
relay.onionServices.bootup.map = [{ port = 23; }];
};
})
(mkIf (cfg.enable == "enabled") {
# tor setup
boot.initrd.secrets = {
"/etc/tor/onion/bootup" = /var/lib/tor/onion/bootup;
};
boot.initrd.extraUtilsCommands = ''
copy_bin_and_libs ${pkgs.tor}/bin/tor
'';
boot.initrd.network.postCommands = let
torRc = (pkgs.writeText "tor.rc" ''
DataDirectory /etc/tor
SOCKSPort 127.0.0.1:9050 IsolateDestAddr
SOCKSPort 127.0.0.1:9063
HiddenServiceDir /etc/tor/onion/bootup
HiddenServicePort ${toString cfg.port} 127.0.0.1:${toString cfg.port}
'');
in ''
echo "tor: preparing onion folder"
# have to do this otherwise tor does not want to start
chmod -R 700 /etc/tor
echo "make sure localhost is up"
ip a a 127.0.0.1/8 dev lo
# ifconfig lo up
ip link set lo up
echo "tor: starting tor"
tor -f ${torRc} --verify-config
tor -f ${torRc} &
'';
# ssh setup
# todo add the ssh host fingerprint to your trusted stuff
# todo set ssh host key here
boot.initrd.network.enable = true;
boot.initrd.network.ssh = {
enable = true;
authorizedKeys = cfg.authorizedKeys;
port = cfg.port;
hostKeys = [ cfg.hostKey ];
};
boot.initrd.availableKernelModules = cfg.kernelModules;
})
];
}

15
nixos/system/server/netdata.nix Normal file
View file

@ -0,0 +1,15 @@
{ lib, pkgs, ... }: {
services.netdata = {
enable = lib.mkDefault true;
# https://docs.netdata.cloud/daemon/config/
config = {
global = {
"memory mode" = "ram";
"debug log" = "none";
"access log" = "none";
"error log" = "syslog";
};
};
};
}

16
nixos/system/server/packages.nix Normal file
View file

@ -0,0 +1,16 @@
{ pkgs, config, lib, ... }: {
# no need to to start a service
environment.systemPackages = let
nginxShowConfig = pkgs.writers.writePython3Bin "nginx-show-config" {
flakeIgnore = [ "E265" "E225" "W292" ];
} (lib.fileContents ../../assets/nginx-show-config.sh);
in [
pkgs.mosh
# nginxfmt
pkgs.nginx-config-formatter
nginxShowConfig
];
}

8
nixos/system/server/prometheus-exporters.nix Normal file
View file

@ -0,0 +1,8 @@
{ config, lib, ... }: {
config = lib.mkMerge [
(lib.mkIf config.services.nginx.enable {
services.prometheus.exporters.nginx.enable = true;
services.nginx.statusPage = true;
})
];
}