palo/nixos-config
palo/nixos-config
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

nixfmt: reformat all files

Browse source
This commit is contained in:
Ingolf Wagner 2019-12-20 17:54:26 +13:00
parent fccbc04336
commit 42d30d7edf
No known key found for this signature in database
GPG key ID: 76BF5F1928B9618B
192 changed files with 5276 additions and 5151 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

25
configs/pepe/configuration.nix
View file

@ -1,6 +1,4 @@
{ config, pkgs, lib, ... }: { config, pkgs, lib, ... }: {
{
imports = [ imports = [
@ -16,18 +14,16 @@
custom.samba-share = { custom.samba-share = {
enable = false; enable = false;
folders = { folders = { public = "/home/palo/movies"; };
public = "/home/palo/movies";
};
}; };
system.custom.wifi.interfaces = ["wlp3s0"]; system.custom.wifi.interfaces = [ "wlp3s0" ];
networking.hostName = "pepe"; networking.hostName = "pepe";
security.wrappers = { security.wrappers = {
pmount.source = "${pkgs.pmount}/bin/pmount"; pmount.source = "${pkgs.pmount}/bin/pmount";
pumount.source = "${pkgs.pmount}/bin/pumount"; pumount.source = "${pkgs.pmount}/bin/pumount";
}; };
# keybase # keybase
@ -41,16 +37,16 @@
# fonts # fonts
# ----- # -----
programs.custom.urxvt.fontSize = 12; programs.custom.urxvt.fontSize = 12;
programs.custom.xterm.fontSize = 12; programs.custom.xterm.fontSize = 12;
system.custom.fonts.dpi = 100; system.custom.fonts.dpi = 100;
virtualisation = { virtualisation = {
docker.enable = false; docker.enable = false;
virtualbox = { virtualbox = {
host.enable = false; host.enable = false;
guest.x11 = false; guest.x11 = false;
guest.enable = false; guest.enable = false;
}; };
}; };
@ -62,4 +58,3 @@
} }

38
configs/pepe/hardware-configuration.nix
View file

@ -4,18 +4,17 @@
{ config, lib, pkgs, ... }: { config, lib, pkgs, ... }:
{ {
imports = imports = [ <nixpkgs/nixos/modules/installer/scan/not-detected.nix> ];
[ <nixpkgs/nixos/modules/installer/scan/not-detected.nix>
];
boot.initrd.availableKernelModules = [ "ehci_pci" "ahci" "usb_storage" "sd_mod" "sdhci_pci" ]; boot.initrd.availableKernelModules =
[ "ehci_pci" "ahci" "usb_storage" "sd_mod" "sdhci_pci" ];
boot.kernelModules = [ "kvm-intel" ]; boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = [ ]; boot.extraModulePackages = [ ];
boot.loader.grub = { boot.loader.grub = {
enable = true; enable = true;
version = 2; version = 2;
device = "/dev/sda"; device = "/dev/sda";
}; };
zramSwap = { zramSwap = {
@ -34,37 +33,31 @@
#device = "/dev/ram2"; #device = "/dev/ram2";
#fsType = "tmpfs"; #fsType = "tmpfs";
options = [ "noatime" "nodiratime" "discard" ]; options = [ "noatime" "nodiratime" "discard" ];
device = "/dev/secure_vg/browser"; device = "/dev/secure_vg/browser";
fsType = "ext4"; fsType = "ext4";
}; };
nix.maxJobs = lib.mkDefault 4; nix.maxJobs = lib.mkDefault 4;
powerManagement.cpuFreqGovernor = lib.mkDefault "powersave"; powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
# lvm volume group # lvm volume group
# ---------------- # ----------------
boot.initrd.luks.devices = [ boot.initrd.luks.devices = [{
{ name = "secure_vg";
name = "secure_vg"; device = "/dev/sda2";
device = "/dev/sda2"; preLVM = true;
preLVM = true; }];
}
];
# NTFS support # NTFS support
# ------------ # ------------
environment.systemPackages = [ environment.systemPackages = [ pkgs.ntfs3g ];
pkgs.ntfs3g
];
# root # root
# ---- # ----
fileSystems."/" = { fileSystems."/" = {
options = [ "noatime" "nodiratime" "discard" ]; options = [ "noatime" "nodiratime" "discard" ];
device = "/dev/secure_vg/root"; device = "/dev/secure_vg/root";
fsType = "ext4"; fsType = "ext4";
}; };
# boot # boot
@ -74,5 +67,4 @@
fsType = "ext4"; fsType = "ext4";
}; };
} }

1
configs/pepe/samba.nix
View file

@ -1,5 +1,4 @@
{ config, ... }: { config, ... }:
{ {
} }

3
configs/pepe/syncthing.nix
View file

@ -1,5 +1,4 @@
{ config, pkgs, lib, ... }: { config, pkgs, lib, ... }: {
{
test.services.syncthing = { test.services.syncthing = {
enable = true; enable = true;

51
configs/pepe/wifi-access-point.nix
View file

@ -1,22 +1,21 @@
{lib, pkgs, ... }: { lib, pkgs, ... }:
let let
wifi = "wlp0s29u1u2"; wifi = "wlp0s29u1u2";
ipAddress = "10.123.145.1"; ipAddress = "10.123.145.1";
prefixLength = 24; prefixLength = 24;
servedAddressRange = "10.123.145.2,10.123.145.150,12h"; servedAddressRange = "10.123.145.2,10.123.145.150,12h";
ssid="bumbumbum"; ssid = "bumbumbum";
wifiPassword=lib.fileContents <secrets/wifi-access-point>; wifiPassword = lib.fileContents <secrets/wifi-access-point>;
in
{ in {
# todo only open needed ports # todo only open needed ports
networking.firewall.trustedInterfaces = [ wifi ]; networking.firewall.trustedInterfaces = [ wifi ];
networking.networkmanager.unmanaged = [ wifi ]; networking.networkmanager.unmanaged = [ wifi ];
networking.dhcpcd.denyInterfaces = [ wifi ]; networking.dhcpcd.denyInterfaces = [ wifi ];
networking.interfaces."${wifi}".ipv4.addresses = [ { networking.interfaces."${wifi}".ipv4.addresses = [{
address = ipAddress; address = ipAddress;
prefixLength = prefixLength; prefixLength = prefixLength;
}]; }];
@ -35,25 +34,33 @@ in
# start manual # start manual
# wantedBy = [ "network.target" ]; # wantedBy = [ "network.target" ];
after = [ "${wifi}-cfg.service" "nat.service" "bind.service" "dhcpd.service" "sys-subsystem-net-devices-${wifi}.device" ]; after = [
"${wifi}-cfg.service"
"nat.service"
"bind.service"
"dhcpd.service"
"sys-subsystem-net-devices-${wifi}.device"
];
serviceConfig = { serviceConfig = {
ExecStart = "${pkgs.hostapd}/bin/hostapd ${pkgs.writeText "hostapd.conf" '' ExecStart = "${pkgs.hostapd}/bin/hostapd ${
interface=${wifi} pkgs.writeText "hostapd.conf" ''
hw_mode=g interface=${wifi}
channel=10 hw_mode=g
ieee80211d=1 channel=10
country_code=DE ieee80211d=1
ieee80211n=1 country_code=DE
wmm_enabled=1 ieee80211n=1
wmm_enabled=1
ssid=${ssid} ssid=${ssid}
auth_algs=1 auth_algs=1
wpa=2 wpa=2
wpa_key_mgmt=WPA-PSK wpa_key_mgmt=WPA-PSK
rsn_pairwise=CCMP rsn_pairwise=CCMP
wpa_passphrase=${wifiPassword} wpa_passphrase=${wifiPassword}
''}"; ''
}";
Restart = "always"; Restart = "always";
}; };
}; };

3
configs/porani/configuration.nix
View file

@ -1,5 +1,4 @@
{ pkgs, lib, config, ... }: { pkgs, lib, config, ... }: {
{
imports = [ imports = [
<system/server> <system/server>

52
configs/porani/hardware-configuration.nix
View file

@ -1,10 +1,8 @@
{ config, lib, pkgs, ... }: { config, lib, pkgs, ... }: {
{ imports = [ <nixpkgs/nixos/modules/installer/scan/not-detected.nix> ];
imports =
[ <nixpkgs/nixos/modules/installer/scan/not-detected.nix>
];
boot.initrd.availableKernelModules = [ "ehci_pci" "ahci" "usb_storage" "sd_mod" "sdhci_pci" ]; boot.initrd.availableKernelModules =
[ "ehci_pci" "ahci" "usb_storage" "sd_mod" "sdhci_pci" ];
boot.initrd.kernelModules = [ "dm-snapshot" ]; boot.initrd.kernelModules = [ "dm-snapshot" ];
boot.kernelModules = [ "kvm-intel" ]; boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = [ ]; boot.extraModulePackages = [ ];
@ -12,33 +10,29 @@
# grub configuration # grub configuration
# ------------------ # ------------------
boot.loader.grub = { boot.loader.grub = {
device = "/dev/sda"; device = "/dev/sda";
enable = true; enable = true;
version = 2; version = 2;
}; };
# lvm volume group # lvm volume group
# ---------------- # ----------------
boot.initrd.luks.devices = [ boot.initrd.luks.devices = [{
{ name = "vg";
name = "vg"; device = "/dev/sda2";
device = "/dev/sda2"; preLVM = true;
preLVM = true; }];
}
];
# NTFS support # NTFS support
# ------------ # ------------
environment.systemPackages = [ environment.systemPackages = [ pkgs.ntfs3g ];
pkgs.ntfs3g
];
# root # root
# ---- # ----
fileSystems."/" = { fileSystems."/" = {
options = [ "noatime" "nodiratime" "discard" ]; options = [ "noatime" "nodiratime" "discard" ];
device = "/dev/vg/root"; device = "/dev/vg/root";
fsType = "ext4"; fsType = "ext4";
}; };
# boot # boot
@ -59,16 +53,14 @@
#"x-systemd.device-timeout=1ms" #"x-systemd.device-timeout=1ms"
]; ];
}; };
systemd.mounts = [ systemd.mounts = [{
{ enable = true;
enable = true; options = "nofail,noauto";
options = "nofail,noauto"; type = "ext4";
type = "ext4"; wantedBy = [ "multi-user.target" ];
wantedBy = ["multi-user.target"]; what = "/dev/disk/by-uuid/162c2f9e-8baa-4433-99fd-bb7e7b69472f";
what = "/dev/disk/by-uuid/162c2f9e-8baa-4433-99fd-bb7e7b69472f"; where = "/media";
where = "/media"; }];
}
];
swapDevices = [ ]; swapDevices = [ ];

305
configs/porani/home-assistant.nix
View file

@ -1,6 +1,5 @@
{ pkgs, config, lib, ... }: { pkgs, config, lib, ... }:
let let unstablePkgs = import <nixpkgs-unstable> { };
unstablePkgs = import <nixpkgs-unstable> {};
in { in {
imports = [ imports = [
@ -15,175 +14,167 @@ in {
./home-assistant/zigbee2mqtt.nix ./home-assistant/zigbee2mqtt.nix
]; ];
services.homeAssistantConfig = { services.homeAssistantConfig = {
# turn on to edit GUI # turn on to edit GUI
# lovelace = {}; # lovelace = {};
homeassistant = { homeassistant = {
latitude = 51.444847; latitude = 51.444847;
longitude = 6.967006; longitude = 6.967006;
elevation = 116; elevation = 116;
auth_providers = [{
type = "trusted_networks";
trusted_networks =
[ config.module.cluster.services.tinc."private".networkSubnet ];
}];
};
auth_providers = [ prometheus.namespace = "hass";
{
type = "trusted_networks"; automation = [
trusted_networks = [
config.module.cluster.services.tinc."private".networkSubnet # todo when ich weis ich bin zuhause
]; #{
} # alias = "Licht and wenn Dunkel";
# trigger = {
# platform = "state";
# entity_id = [ "binary_sensor.night" ];
# from = "off";
# to = "on";
# };
# action = [
# {
# service = "switch.turn_on";
# entity_id = "group.kitchen";
# }
# {
# service = "switch.turn_on";
# entity_id = "group.living_room";
# }
# ];
#}
#{
# alias = "Küchen Sensor An";
# trigger = {
# platform = "state";
# entity_id = [ "binary_sensor.motion_1" ];
# to = "on";
# };
# action = {
# service = "switch.turn_on";
# entity_id = "group.kitchen";
# };
#}
#{
# alias = "Küchen Sensor aus";
# trigger = {
# platform = "state";
# entity_id = [ "binary_sensor.motion_1" ];
# to = "off";
# for = "00:00:25";
# };
# action = {
# service = "switch.turn_off";
# entity_id = "group.kitchen";
# };
#}
];
group = {
bed_room = {
name = "Schlafzimmer";
view = false;
};
tv = {
name = "TV";
view = false;
};
living_room = {
name = "Wohnzimmer";
view = false;
};
kitchen = {
name = "Küche";
view = false;
};
today = {
control = "hidden";
name = "Today";
view = false;
entities = [ "sensor.weather_temperature" "sun.sun" ];
};
all_lights = {
name = "All Lights";
view = false;
};
unknown = {
control = "hidden";
name = "Not Used";
view = false;
};
view_rooms = {
name = "Räume";
view = true;
entities = [
"group.all_lights"
"group.bed_room"
"group.living_room"
"group.kitchen"
"group.tv"
]; ];
}; };
prometheus.namespace = "hass"; view_overview = {
name = "Übersicht";
automation = [ view = true;
entities = [ "group.today" ];
# todo when ich weis ich bin zuhause
#{
# alias = "Licht and wenn Dunkel";
# trigger = {
# platform = "state";
# entity_id = [ "binary_sensor.night" ];
# from = "off";
# to = "on";
# };
# action = [
# {
# service = "switch.turn_on";
# entity_id = "group.kitchen";
# }
# {
# service = "switch.turn_on";
# entity_id = "group.living_room";
# }
# ];
#}
#{
# alias = "Küchen Sensor An";
# trigger = {
# platform = "state";
# entity_id = [ "binary_sensor.motion_1" ];
# to = "on";
# };
# action = {
# service = "switch.turn_on";
# entity_id = "group.kitchen";
# };
#}
#{
# alias = "Küchen Sensor aus";
# trigger = {
# platform = "state";
# entity_id = [ "binary_sensor.motion_1" ];
# to = "off";
# for = "00:00:25";
# };
# action = {
# service = "switch.turn_off";
# entity_id = "group.kitchen";
# };
#}
];
group = {
bed_room = {
name = "Schlafzimmer";
view = false;
};
tv = {
name = "TV";
view = false;
};
living_room = {
name = "Wohnzimmer";
view = false;
};
kitchen = {
name = "Küche";
view = false;
};
today = {
control = "hidden";
name = "Today";
view = false;
entities = [
"sensor.weather_temperature"
"sun.sun"
];
};
all_lights = {
name = "All Lights";
view = false;
};
unknown = {
control = "hidden";
name = "Not Used";
view = false;
};
view_rooms = {
name = "Räume";
view = true;
entities = [
"group.all_lights"
"group.bed_room"
"group.living_room"
"group.kitchen"
"group.tv"
];
};
view_overview = {
name = "Übersicht";
view = true;
entities = [ "group.today" ];
};
}; };
sun = {}; };
script.turn_all_off.sequence = [ ]; sun = { };
script.turn_all_on.sequence = [ ]; script.turn_all_off.sequence = [ ];
sensor = [ script.turn_all_on.sequence = [ ];
# Weather prediction
{ platform = "zamg";
name = "Weather";
}
];
# todo: add holidays package to home-assiatnt sensor = [
binary_sensor = [ # Weather prediction
{ {
name = "before_workday"; platform = "zamg";
platform = "workday"; name = "Weather";
country = "DE"; }
province = "NW"; ];
workdays = [ "mon" "tue" "wed" "thu" "fri" ];
days_offset = 1; # todo: add holidays package to home-assiatnt
} binary_sensor = [
{ {
name = "workday"; name = "before_workday";
platform = "workday"; platform = "workday";
country = "DE"; country = "DE";
province = "NW"; province = "NW";
workdays = [ "mon" "tue" "wed" "thu" "fri" ]; workdays = [ "mon" "tue" "wed" "thu" "fri" ];
} days_offset = 1;
]; }
{
name = "workday";
platform = "workday";
country = "DE";
province = "NW";
workdays = [ "mon" "tue" "wed" "thu" "fri" ];
}
];
}; };
services.home-assistant = { services.home-assistant = {
enable = true; enable = true;
package = unstablePkgs.home-assistant.override{ package = unstablePkgs.home-assistant.override {
python3 = unstablePkgs.python36; python3 = unstablePkgs.python36;
extraPackages = python: [ extraPackages = python: [
# todo : check which is still needed # todo : check which is still needed
@ -196,22 +187,20 @@ in {
python.paho-mqtt python.paho-mqtt
# needed for platform workday # needed for platform workday
(python.buildPythonPackage rec{ (python.buildPythonPackage rec {
pname = "holidays"; pname = "holidays";
version = "0.9.10"; version = "0.9.10";
src = python.fetchPypi { src = python.fetchPypi {
inherit pname version; inherit pname version;
sha256 = "9f06d143eb708e8732230260636938f2f57114e94defd8fa2082408e0d422d6f"; sha256 =
"9f06d143eb708e8732230260636938f2f57114e94defd8fa2082408e0d422d6f";
}; };
doCheck = false; doCheck = false;
buildInputs = [ pkgs.dateutils ]; buildInputs = [ pkgs.dateutils ];
propagatedBuildInputs = [ propagatedBuildInputs = [ python."python-dateutil" python."six" ];
python."python-dateutil"
python."six"
];
meta = with pkgs.stdenv.lib; { meta = with pkgs.stdenv.lib; {
homepage = "https://github.com/dr-prodigy/python-holidays"; homepage = "https://github.com/dr-prodigy/python-holidays";
license = licenses.mit; license = licenses.mit;

23
configs/porani/home-assistant/chaospott.nix
View file

@ -43,10 +43,7 @@ in {
"${name}" = { "${name}" = {
name = "ChaosPott (Essen)"; name = "ChaosPott (Essen)";
control = "hidden"; control = "hidden";
entities = [ entities = [ "sensor.${name}_aerie" "sensor.${name}_cellar" ];
"sensor.${name}_aerie"
"sensor.${name}_cellar"
];
}; };
view_overview.entities = [ "group.${name}" ]; view_overview.entities = [ "group.${name}" ];
}; };
@ -62,14 +59,15 @@ in {
Type = "oneshot"; Type = "oneshot";
}; };
description = "set ${name} for homeassistant"; description = "set ${name} for homeassistant";
script = /* sh */ '' script = # sh
${pkgs.curl}/bin/curl -Ls https://status.chaospott.de/api \ ''
| ${pkgs.jq}/bin/jq --compact-output \ ${pkgs.curl}/bin/curl -Ls https://status.chaospott.de/api \
'.sensors.door_locked | | ${pkgs.jq}/bin/jq --compact-output \
[.[] | { "\(.location)" : (if .value then "closed" else "open" end) }] | '.sensors.door_locked |
reduce .[] as $item ({}; . + $item) ' \ [.[] | { "\(.location)" : (if .value then "closed" else "open" end) }] |
>> ${filePath} reduce .[] as $item ({}; . + $item) ' \
''; >> ${filePath}
'';
}; };
systemd.timers."${name}" = { systemd.timers."${name}" = {
@ -81,5 +79,4 @@ in {
}; };
}; };
} }

27
configs/porani/home-assistant/dayOfWeek.nix
View file

@ -7,13 +7,12 @@ let
in { in {
services.homeAssistantConfig = { services.homeAssistantConfig = {
sensor = [ sensor = [{
{ platform = "file"; platform = "file";
name = "day_of_week"; name = "day_of_week";
file_path = filePath; file_path = filePath;
value_template = "{{ value_json.dayOfWeek }}"; value_template = "{{ value_json.dayOfWeek }}";
} }];
];
homeassistant = { homeassistant = {
whitelist_external_dirs = [ folderPath ]; whitelist_external_dirs = [ folderPath ];
@ -23,11 +22,7 @@ in {
}; };
}; };
group = { group = { overview.entities = [ "sensor.day_of_week" ]; };
overview.entities = [
"sensor.day_of_week"
];
};
}; };
@ -40,9 +35,10 @@ in {
Type = "oneshot"; Type = "oneshot";
}; };
description = "set day of wek for homeassistant"; description = "set day of wek for homeassistant";
script = /* sh */ '' script = # sh
date +'{"dayOfWeek":"%A"}' >> ${filePath} ''
''; date +'{"dayOfWeek":"%A"}' >> ${filePath}
'';
}; };
systemd.timers.dayOfWeek = { systemd.timers.dayOfWeek = {
enable = true; enable = true;
@ -53,5 +49,4 @@ in {
}; };
}; };
} }

37
configs/porani/home-assistant/holiday.nix
View file

@ -13,12 +13,14 @@ in {
# todo : use the python tool # todo : use the python tool
sensor = [ sensor = [
{ platform = "file"; {
platform = "file";
name = "${name}_date"; name = "${name}_date";
file_path = filePath; file_path = filePath;
value_template = "{{ value_json.date }}"; value_template = "{{ value_json.date }}";
} }
{ platform = "file"; {
platform = "file";
name = "${name}_name"; name = "${name}_name";
file_path = filePath; file_path = filePath;
value_template = "{{ value_json.name }}"; value_template = "{{ value_json.name }}";
@ -45,10 +47,7 @@ in {
name = "Feiertage"; name = "Feiertage";
view = false; view = false;
control = "hidden"; control = "hidden";
entities = [ entities = [ "sensor.${name}_date" "sensor.${name}_name" ];
"sensor.${name}_date"
"sensor.${name}_name"
];
}; };
view_overview.entities = [ "group.holidays" ]; view_overview.entities = [ "group.holidays" ];
@ -66,18 +65,19 @@ in {
Type = "oneshot"; Type = "oneshot";
}; };
description = "set ${name} for homeassistant"; description = "set ${name} for homeassistant";
script = /* sh */ '' script = # sh
${pkgs.curl}/bin/curl \ ''
-Ls "https://feiertage-api.de/api/?jahr=$( date +%Y )&nur_land=${state}" \ ${pkgs.curl}/bin/curl \
| ${pkgs.jq}/bin/jq --compact-output ' -Ls "https://feiertage-api.de/api/?jahr=$( date +%Y )&nur_land=${state}" \
map_values( .datum ) | | ${pkgs.jq}/bin/jq --compact-output '
to_entries | map_values( .datum ) |
map( { date: .value, name : .key } ) | to_entries |
sort_by( .date ) | map( { date: .value, name : .key } ) |
map(select ( .date >= "'`date +%Y-%m-%d`'" )) | sort_by( .date ) |
.[0]' \ map(select ( .date >= "'`date +%Y-%m-%d`'" )) |
>> ${filePath} .[0]' \
''; >> ${filePath}
'';
}; };
systemd.timers."${name}" = { systemd.timers."${name}" = {
@ -89,5 +89,4 @@ in {
}; };
}; };
} }

26
configs/porani/home-assistant/kodi.nix
View file

@ -1,23 +1,19 @@
{ pkgs, config, lib, ... }: { pkgs, config, lib, ... }: {
{
services.homeAssistantConfig = { services.homeAssistantConfig = {
group.view_overview.entities = [ group.view_overview.entities = [ "media_player.kodi" ];
"media_player.kodi"
];
media_player = [ media_player = [{
{ platform = "kodi";
platform = "kodi"; host = "127.0.0.1";
host = "127.0.0.1"; turn_on_action.service = "script.watch_tv";
turn_on_action.service = "script.watch_tv"; turn_off_action.service = "script.stop_watch_tv";
turn_off_action.service = "script.stop_watch_tv"; }];
}
];
shell_command = { shell_command = {
start_display = "sudo ${pkgs.systemd}/bin/systemctl start display-manager"; start_display =
"sudo ${pkgs.systemd}/bin/systemctl start display-manager";
stop_display = "sudo ${pkgs.systemd}/bin/systemctl stop display-manager"; stop_display = "sudo ${pkgs.systemd}/bin/systemctl stop display-manager";
}; };
@ -50,7 +46,7 @@
service = "switch.turn_on"; service = "switch.turn_on";
data.entity_id = "group.tv"; data.entity_id = "group.tv";
} }
{ delay.minutes = 1;} { delay.minutes = 1; }
{ {
alias = "start kodi"; alias = "start kodi";
service = "shell_command.start_display"; service = "shell_command.start_display";

26
configs/porani/home-assistant/mpd.nix
View file

@ -3,24 +3,18 @@
{ {
services.homeAssistantConfig = { services.homeAssistantConfig = {
group.view_overview.entities = [ group.view_overview.entities = [ "media_player.mpd" ];
"media_player.mpd"
];
media_player = [ media_player = [{
{ platform = "mpd";
platform = "mpd"; host = "localhost";
host = "localhost"; }];
}
];
script.turn_all_off.sequence = [ script.turn_all_off.sequence = [{
{ alias = "turn mpd off";
alias = "turn mpd off"; service = "media_player.turn_off";
service = "media_player.turn_off"; data.entity_id = "media_player.mpd";
data.entity_id = "media_player.mpd"; }];
}
];
script.turn_all_on.sequence = [ script.turn_all_on.sequence = [
{ {

214
configs/porani/home-assistant/sonoff.nix
View file

@ -1,118 +1,120 @@
{ pkgs, config, lib, ... }: { pkgs, config, lib, ... }:
let let unstablePkgs = import <nixpkgs-unstable> { };
unstablePkgs = import <nixpkgs-unstable> {};
in { in {
services.homeAssistantConfig = services.homeAssistantConfig = let
let
sonoffSwitches = { sonoffSwitches = {
"pal01" = { label = "Bett"; icon = "mdi:lightbulb-on"; }; "pal01" = {
"pal02" = { label = "Lampe"; icon = "mdi:lightbulb-on"; }; label = "Bett";
"pal03" = { label = "Couche"; icon = "mdi:lightbulb-on"; }; icon = "mdi:lightbulb-on";
"pal06" = { label = "Küche"; icon = "mdi:lightbulb-on"; }; };
"pal05" = { label = "TV"; icon = "mdi:television"; }; "pal02" = {
label = "Lampe";
"pal04" = { label = "Nummer 4"; icon = "mdi:power-plug-off"; }; icon = "mdi:lightbulb-on";
"pal07" = { label = "Nummer 7"; icon = "mdi:power-plug-off"; }; };
"pal08" = { label = "Nummer 8"; icon = "mdi:power-plug-off"; }; "pal03" = {
label = "Couche";
icon = "mdi:lightbulb-on";
};
"pal06" = {
label = "Küche";
icon = "mdi:lightbulb-on";
};
"pal05" = {
label = "TV";
icon = "mdi:television";
}; };
toSwitch = name: "switch.${name}"; "pal04" = {
label = "Nummer 4";
in { icon = "mdi:power-plug-off";
homeassistant = {
customize = lib.mapAttrs' (
entity: value:
{
name = toSwitch entity;
value = {
friendly_name = value.label;
icon = value.icon;
};
}
) sonoffSwitches;
}; };
"pal07" = {
script.turn_all_off.sequence = [ label = "Nummer 7";
{ icon = "mdi:power-plug-off";
alias = "turn off sonoff"; };
service = "switch.turn_off"; "pal08" = {
data.entity_id = "group.all_lights"; label = "Nummer 8";
} icon = "mdi:power-plug-off";
{
alias = "turn off sonoff";
service = "switch.turn_off";
data.entity_id = "group.tv";
}
];
script.turn_all_on.sequence = [
{
alias = "turn on all lights";
service = "switch.turn_on";
data.entity_id = "group.all_lights";
}
];
group = {
bed_room = {
entities = builtins.map toSwitch [ "pal01" ];
};
living_room = {
entities = builtins.map toSwitch [ "pal03" "pal02" ];
};
tv = {
entities = builtins.map toSwitch [ "pal05" ];
};
kitchen = {
entities = builtins.map toSwitch [ "pal06" ];
};
unknown = {
entities = builtins.map toSwitch [ "pal04" "pal07" "pal08" ];
};
all_lights = {
entities = builtins.map toSwitch [ "pal01" "pal02" "pal03" "pal06" ];
};
}; };
switch =
let
sonoffConfigurations = builtins.map (name:
{
name = name;
platform = "mqtt";
command_topic = "cmnd/${lib.toUpper name}/POWER";
state_topic = "stat/${lib.toUpper name}/POWER";
payload_on = "ON";
payload_off = "OFF";
state_on = "ON";
state_off = "OFF";
}) (builtins.attrNames sonoffSwitches) ;
in
sonoffConfigurations;
# discover state on init
automation = [
{
alias = "Sonoff initial Power state";
trigger = {
platform = "homeassistant";
event = "start";
};
action = builtins.map ( name:
{
service = "mqtt.publish";
data = {
topic = "cmnd/${lib.toUpper name}/power";
payload = "";
};
})
(builtins.attrNames sonoffSwitches);
}
];
}; };
toSwitch = name: "switch.${name}";
in {
homeassistant = {
customize = lib.mapAttrs' (entity: value: {
name = toSwitch entity;
value = {
friendly_name = value.label;
icon = value.icon;
};
}) sonoffSwitches;
};
script.turn_all_off.sequence = [
{
alias = "turn off sonoff";
service = "switch.turn_off";
data.entity_id = "group.all_lights";
}
{
alias = "turn off sonoff";
service = "switch.turn_off";
data.entity_id = "group.tv";
}
];
script.turn_all_on.sequence = [{
alias = "turn on all lights";
service = "switch.turn_on";
data.entity_id = "group.all_lights";
}];
group = {
bed_room = { entities = builtins.map toSwitch [ "pal01" ]; };
living_room = { entities = builtins.map toSwitch [ "pal03" "pal02" ]; };
tv = { entities = builtins.map toSwitch [ "pal05" ]; };
kitchen = { entities = builtins.map toSwitch [ "pal06" ]; };
unknown = {
entities = builtins.map toSwitch [ "pal04" "pal07" "pal08" ];
};
all_lights = {
entities = builtins.map toSwitch [ "pal01" "pal02" "pal03" "pal06" ];
};
};
switch = let
sonoffConfigurations = builtins.map (name: {
name = name;
platform = "mqtt";
command_topic = "cmnd/${lib.toUpper name}/POWER";
state_topic = "stat/${lib.toUpper name}/POWER";
payload_on = "ON";
payload_off = "OFF";
state_on = "ON";
state_off = "OFF";
}) (builtins.attrNames sonoffSwitches);
in sonoffConfigurations;
# discover state on init
automation = [{
alias = "Sonoff initial Power state";
trigger = {
platform = "homeassistant";
event = "start";
};
action = builtins.map (name: {
service = "mqtt.publish";
data = {
topic = "cmnd/${lib.toUpper name}/power";
payload = "";
};
}) (builtins.attrNames sonoffSwitches);
}];
};
} }

122
configs/porani/home-assistant/timer.nix
View file

@ -1,41 +1,35 @@
{ config, ... }: { config, ... }: {
{
imports = [ ./mpd.nix ]; imports = [ ./mpd.nix ];
services.homeAssistantConfig = { services.homeAssistantConfig = {
sensor = [ sensor = [{
{ platform = "time_date";
platform = "time_date"; display_options = [ "time" "date" ];
display_options = [ }];
"time"
"date"
];
}
];
input_datetime = { input_datetime = {
wakeup = { wakeup = {
name = "Arbeitswecker"; name = "Arbeitswecker";
has_time = true; has_time = true;
has_date = false; has_date = false;
icon = "mdi:alarm"; icon = "mdi:alarm";
}; };
leave = { leave = {
name = "Turn off Time"; name = "Turn off Time";
has_time = true; has_time = true;
has_date = false; has_date = false;
icon = "mdi:alarm"; icon = "mdi:alarm";
}; };
return = { return = {
name = "Return home"; name = "Return home";
has_time = true; has_time = true;
has_date = false; has_date = false;
icon = "mdi:alarm"; icon = "mdi:alarm";
}; };
sleep = { sleep = {
name = "Turn off Time"; name = "Turn off Time";
has_time = true; has_time = true;
has_date = false; has_date = false;
icon = "mdi:alarm"; icon = "mdi:alarm";
@ -63,7 +57,7 @@
input_select = { input_select = {
wakeup = { wakeup = {
name = "Playlist"; name = "Playlist";
icon = "mdi:library-music"; icon = "mdi:library-music";
options = [ "wakeup" "wakeup1" "wakeup2" ]; options = [ "wakeup" "wakeup1" "wakeup2" ];
}; };
@ -72,13 +66,13 @@
binary_sensor = [ binary_sensor = [
{ {
platform = "tod"; platform = "tod";
name = "night"; name = "night";
after = "sunset"; after = "sunset";
before = "sunrise"; before = "sunrise";
} }
{ {
platform = "tod"; platform = "tod";
name = "daytime"; name = "daytime";
after = "sunrise"; after = "sunrise";
before = "sunset"; before = "sunset";
} }
@ -101,30 +95,21 @@
view = false; view = false;
name = "Leave Time"; name = "Leave Time";
control = "hidden"; control = "hidden";
entities = [ entities = [ "input_boolean.leave" "input_datetime.leave" ];
"input_boolean.leave"
"input_datetime.leave"
];
}; };
timer_return = { timer_return = {
view = false; view = false;
name = "Nach Hause kommen"; name = "Nach Hause kommen";
control = "hidden"; control = "hidden";
entities = [ entities = [ "input_boolean.return" "input_datetime.return" ];
"input_boolean.return"
"input_datetime.return"
];
}; };
timer_sleep = { timer_sleep = {
view = false; view = false;
name = "Einschlafen"; name = "Einschlafen";
control = "hidden"; control = "hidden";
entities = [ entities = [ "input_boolean.sleep" "input_datetime.sleep" ];
"input_boolean.sleep"
"input_datetime.sleep"
];
}; };
timers.entities = [ timers.entities = [
@ -136,10 +121,7 @@
"binary_sensor.daytime" "binary_sensor.daytime"
]; ];
today.entities = [ today.entities = [ "sensor.date" "sensor.time" ];
"sensor.date"
"sensor.time"
];
view_overview.entities = [ view_overview.entities = [
"group.timer_wakeup" "group.timer_wakeup"
@ -199,21 +181,17 @@
}; };
condition = { condition = {
condition = "and"; condition = "and";
conditions = [ conditions = [{
{ condition = "state";
condition = "state"; entity_id = "input_boolean.leave";
entity_id = "input_boolean.leave"; state = "on";
state = "on"; }];
}
];
}; };
action = [ action = [{
{ alias = "turn all off";
alias = "turn all off"; service = "script.turn_on";
service = "script.turn_on"; entity_id = "script.turn_all_off";
entity_id = "script.turn_all_off"; }];
}
];
} }
{ {
@ -225,21 +203,17 @@
}; };
condition = { condition = {
condition = "and"; condition = "and";
conditions = [ conditions = [{
{ condition = "state";
condition = "state"; entity_id = "input_boolean.return";
entity_id = "input_boolean.return"; state = "on";
state = "on"; }];
}
];
}; };
action = [ action = [{
{ alias = "turn all on";
alias = "turn all on"; service = "script.turn_on";
service = "script.turn_on"; entity_id = "script.turn_all_on";
entity_id = "script.turn_all_on"; }];
}
];
} }
{ {
@ -251,21 +225,17 @@
}; };
condition = { condition = {
condition = "and"; condition = "and";
conditions = [ conditions = [{
{ condition = "state";
condition = "state"; entity_id = "input_boolean.sleep";
entity_id = "input_boolean.sleep"; state = "on";
state = "on"; }];
}
];
}; };
action = [ action = [{
{ alias = "turn all off";
alias = "turn all off"; service = "script.turn_on";
service = "script.turn_on"; entity_id = "script.turn_all_off";
entity_id = "script.turn_all_off"; }];
}
];
} }
]; ];

243
configs/porani/home-assistant/zigbee2mqtt.nix
View file

@ -1,4 +1,4 @@
{ pkgs, lib, config , ... }: { pkgs, lib, config, ... }:
let let
# allow new devices to join # allow new devices to join
@ -17,9 +17,7 @@ let
"temperature_sensor_1".id = "0x00158d0002d79220"; "temperature_sensor_1".id = "0x00158d0002d79220";
"temperature_sensor_2".id = "0x00158d0002d7913d"; "temperature_sensor_2".id = "0x00158d0002d7913d";
}; };
motion = { motion = { "motion_sensor_1".id = "0x00158d0002fbd451"; };
"motion_sensor_1".id = "0x00158d0002fbd451";
};
}; };
# todo : rename with allSensors # todo : rename with allSensors
@ -41,7 +39,7 @@ let
# MQTT server URL # MQTT server URL
server = "mqtt://127.0.0.1:1883"; server = "mqtt://127.0.0.1:1883";
# MQTT server authentication, uncomment if required: # MQTT server authentication, uncomment if required:
user = "zigbee"; user = "zigbee";
password = lib.fileContents <secrets/zigbee/password>; password = lib.fileContents <secrets/zigbee/password>;
}; };
@ -52,21 +50,19 @@ let
disable_led = true; disable_led = true;
}; };
devices = lib.mapAttrs' ( devices = lib.mapAttrs' (name:
name: { id , ... }: { id, ... }: {
{
name = id; name = id;
value = { value = {
retain = false; retain = false;
friendly_name = name; friendly_name = name;
}; };
} }) allSensors;
) allSensors;
}; };
configurationYaml = pkgs.writeText "configuration.yml" (builtins.toJSON zigBee2MqttConfig); configurationYaml =
in pkgs.writeText "configuration.yml" (builtins.toJSON zigBee2MqttConfig);
{ in {
imports = [ ./mqtt.nix ]; imports = [ ./mqtt.nix ];
services.homeAssistantConfig = { services.homeAssistantConfig = {
@ -74,55 +70,51 @@ in
# group.unknown.entities = [ "sensor.button_1" ]; # group.unknown.entities = [ "sensor.button_1" ];
sensor = let sensor = let
buttons = with lib; mapAttrsToList ( buttons = with lib;
name: {...}: mapAttrsToList (name:
{ { ... }: {
platform = "mqtt";
name = name;
icon = "mdi:toggle-switch";
state_topic = "zigbee2mqtt/${name}";
availability_topic = "zigbee2mqtt/bridge/state";
value_template = "{{ value_json.click }}";
}
) sensors.buttons;
temperature = with lib; mapAttrsToList (
name: {...}:
[
{
platform = "mqtt"; platform = "mqtt";
name = name; name = name;
icon = "mdi:toggle-switch";
state_topic = "zigbee2mqtt/${name}"; state_topic = "zigbee2mqtt/${name}";
availability_topic = "zigbee2mqtt/bridge/state"; availability_topic = "zigbee2mqtt/bridge/state";
unit_of_measurement = "°C"; value_template = "{{ value_json.click }}";
device_class = "temperature"; }) sensors.buttons;
value_template = "{{ value_json.temperature }}";
}
{
platform = "mqtt";
name = "humidity_${name}";
state_topic = "zigbee2mqtt/${name}";
availability_topic = "zigbee2mqtt/bridge/state";
unit_of_measurement = "%";
device_class = "humidity";
value_template = "{{ value_json.humidity }}";
}
{
platform = "mqtt";
name = "pressure_${name}";
state_topic = "zigbee2mqtt/${name}";
availability_topic = "zigbee2mqtt/bridge/state";
unit_of_measurement = "hPa";
device_class = "pressure";
value_template = "{{ value_json.pressure }}";
}
]
) sensors.temperature;
informations = lib.mapAttrsToList ( temperature = with lib;
name: {...}: mapAttrsToList (name:
[ { ... }: [
{
platform = "mqtt";
name = name;
state_topic = "zigbee2mqtt/${name}";
availability_topic = "zigbee2mqtt/bridge/state";
unit_of_measurement = "°C";
device_class = "temperature";
value_template = "{{ value_json.temperature }}";
}
{
platform = "mqtt";
name = "humidity_${name}";
state_topic = "zigbee2mqtt/${name}";
availability_topic = "zigbee2mqtt/bridge/state";
unit_of_measurement = "%";
device_class = "humidity";
value_template = "{{ value_json.humidity }}";
}
{
platform = "mqtt";
name = "pressure_${name}";
state_topic = "zigbee2mqtt/${name}";
availability_topic = "zigbee2mqtt/bridge/state";
unit_of_measurement = "hPa";
device_class = "pressure";
value_template = "{{ value_json.pressure }}";
}
]) sensors.temperature;
informations = lib.mapAttrsToList (name:
{ ... }: [
{ {
platform = "mqtt"; platform = "mqtt";
name = "battery_${name}"; name = "battery_${name}";
@ -140,17 +132,14 @@ in
unit_of_measurement = "-"; unit_of_measurement = "-";
value_template = "{{ value_json.linkquality }}"; value_template = "{{ value_json.linkquality }}";
} }
] ]) allSensors;
) allSensors;
in in lib.flatten (buttons ++ temperature ++ informations);
lib.flatten ( buttons ++ temperature ++ informations );
binary_sensor = let binary_sensor = let
motion = lib.mapAttrsToList ( motion = lib.mapAttrsToList (name:
name: { ... }: { ... }: {
{
name = name; name = name;
platform = "mqtt"; platform = "mqtt";
device_class = "motion"; device_class = "motion";
@ -160,31 +149,24 @@ in
payload_on = true; payload_on = true;
payload_off = false; payload_off = false;
value_template = "{{ value_json.occupancy }}"; value_template = "{{ value_json.occupancy }}";
} }) sensors.motion;
) sensors.motion; in lib.flatten (motion);
in
lib.flatten ( motion );
group = let group = let
information = name: [ "sensor.battery_${name}" "sensor.link_${name}" ]; information = name: [ "sensor.battery_${name}" "sensor.link_${name}" ];
sensor = lib.mapAttrs' ( sensor = lib.mapAttrs' (name:
name: {...}: { ... }: {
{
name = name; name = name;
value = { value = {
control = "hidden"; control = "hidden";
entities = ["sensor.${name}"] ++ (information name); entities = [ "sensor.${name}" ] ++ (information name);
}; };
} }) (sensors.buttons);
) (sensors.buttons);
sensorTemperature = lib.mapAttrs' ( sensorTemperature = lib.mapAttrs' (name:
name: { ... }: { ... }: {
{
name = name; name = name;
value = { value = {
control = "hidden"; control = "hidden";
@ -194,69 +176,62 @@ in
"sensor.pressure_${name}" "sensor.pressure_${name}"
] ++ (information name); ] ++ (information name);
}; };
} }) (sensors.temperature);
) (sensors.temperature);
binarySensor = lib.mapAttrs' ( binarySensor = lib.mapAttrs' (name:
name: { ... }: { ... }: {
{
name = name; name = name;
value = { value = {
control = "hidden"; control = "hidden";
entities = [ "binary_sensor.${name}" ] ++ (information name); entities = [ "binary_sensor.${name}" ] ++ (information name);
}; };
} }) (sensors.motion);
) (sensors.motion);
views = { views = {
view_sensors = { view_sensors = {
name = "Sensoren"; name = "Sensoren";
control = "hidden"; control = "hidden";
view = true; view = true;
entities = lib.mapAttrsToList (name: { ... }: "group.${name}") allSensors; entities =
lib.mapAttrsToList (name: { ... }: "group.${name}") allSensors;
}; };
}; };
in in views // sensor // binarySensor // sensorTemperature;
views // sensor // binarySensor // sensorTemperature ;
automation = automation = let
let lights = map (button: {
lights = map (button: alias = "Toggle all lights, on click";
{ trigger = {
alias = "Toggle all lights, on click"; platform = "mqtt";
trigger = { topic = "zigbee2mqtt/${button}";
platform = "mqtt"; };
topic = "zigbee2mqtt/${button}"; condition = {
}; condition = "template";
condition = { value_template = ''{{ "single" == trigger.payload_json.click }}'';
condition = "template"; };
value_template = ''{{ "single" == trigger.payload_json.click }}''; action = {
}; service = "switch.toggle";
action = { entity_id = "group.all_lights";
service = "switch.toggle"; };
entity_id = "group.all_lights"; }) [ "button_1" "button_2" "button_3" ];
}; mpd = map (button: {
}) ["button_1" "button_2" "button_3"]; alias = "Toggle mpd, on double click";
mpd = map (button: trigger = {
{ platform = "mqtt";
alias = "Toggle mpd, on double click"; topic = "zigbee2mqtt/${button}";
trigger = { };
platform = "mqtt"; condition = {
topic = "zigbee2mqtt/${button}"; condition = "template";
}; value_template = ''{{ "double" == trigger.payload_json.click }}'';
condition = { };
condition = "template"; action = {
value_template = ''{{ "double" == trigger.payload_json.click }}''; service = "media_player.toggle";
}; # todo use a group here
action = { entity_id = "media_player.mpd";
service = "media_player.toggle"; };
# todo use a group here }) [ "button_1" "button_2" "button_3" ];
entity_id = "media_player.mpd"; in lights ++ mpd;
};
}) ["button_1" "button_2" "button_3"];
in
lights ++ mpd;
# click = double => music an aus # click = double => music an aus
@ -270,19 +245,20 @@ in
systemd.services."zigbee2mqtt" = { systemd.services."zigbee2mqtt" = {
enable = true; enable = true;
description = "Allows you to use your Zigbee devices without the vendors bridge/gateway."; description =
"Allows you to use your Zigbee devices without the vendors bridge/gateway.";
after = [ "docker.service" ]; after = [ "docker.service" ];
requires = [ "docker.service" ]; requires = [ "docker.service" ];
# todo : udev rule erstellen, die diesen service erst startet, dieses wanted by ist labil # todo : udev rule erstellen, die diesen service erst startet, dieses wanted by ist labil
wantedBy = [ "home-assistant.service" ]; wantedBy = [ "home-assistant.service" ];
preStart = '' preStart = ''
if [ -f ${dataFolder}/configuration.yaml ] if [ -f ${dataFolder}/configuration.yaml ]
then then
rm ${dataFolder}/configuration.yaml rm ${dataFolder}/configuration.yaml
fi fi
mkdir -p ${dataFolder} mkdir -p ${dataFolder}
cat ${configurationYaml} | ${pkgs.yq}/bin/yq --yaml-output '.' > ${dataFolder}/configuration.yaml cat ${configurationYaml} | ${pkgs.yq}/bin/yq --yaml-output '.' > ${dataFolder}/configuration.yaml
''; '';
restartTriggers = [ configurationYaml ]; restartTriggers = [ configurationYaml ];
@ -300,5 +276,4 @@ in
''; '';
}; };
} }

8
configs/porani/kodi.nix
View file

@ -1,6 +1,4 @@
{ config, lib, pkgs, ... }: { config, lib, pkgs, ... }: {
{
services.xserver = { services.xserver = {
enable = true; enable = true;
@ -10,7 +8,7 @@
default = "kodi"; default = "kodi";
xterm.enable = false; xterm.enable = false;
}; };
displayManager ={ displayManager = {
sddm = { sddm = {
enable = true; enable = true;
autoLogin = { autoLogin = {
@ -24,7 +22,7 @@
users = { users = {
# mutableUsers = true; # mutableUsers = true;
users.kodi= { users.kodi = {
isNormalUser = true; isNormalUser = true;
name = "kodi"; name = "kodi";
uid = 1338; uid = 1338;

3
configs/porani/mpd.nix
View file

@ -1,5 +1,4 @@
{ config, lib, ... }: { config, lib, ... }: {
{
sound.enable = true; sound.enable = true;

6
configs/porani/packages.nix
View file

@ -1,7 +1,5 @@
{ pkgs, ... }: { pkgs, ... }: {
{
environment.systemPackages = [ environment.systemPackages = [ ];
];
} }

10
configs/porani/syncthing.nix
View file

@ -1,11 +1,11 @@
{ config, pkgs, lib, ... }: { config, pkgs, lib, ... }: {
{
custom.samba-share = { custom.samba-share = {
enable = true; enable = true;
folders = { folders = {
movies = config.test.services.syncthing.declarative.folders.movies.path; movies = config.test.services.syncthing.declarative.folders.movies.path;
series = config.test.services.syncthing.declarative.folders.series.path; series = config.test.services.syncthing.declarative.folders.series.path;
music = config.test.services.syncthing.declarative.folders.music-library.path; music =
config.test.services.syncthing.declarative.folders.music-library.path;
}; };
}; };
@ -58,7 +58,7 @@
enable = true; enable = true;
path = "/media/series"; path = "/media/series";
}; };
smartphone-music= { smartphone-music = {
enable = true; enable = true;
path = "/media/smartphone-music"; path = "/media/smartphone-music";
}; };
@ -82,7 +82,7 @@
users.groups."syncthing".members = [ "mpd" "syncthing" "kodi" "palo" ]; users.groups."syncthing".members = [ "mpd" "syncthing" "kodi" "palo" ];
backup.all.restic.dirs = ["/var/lib/syncthing/finance"]; backup.all.restic.dirs = [ "/var/lib/syncthing/finance" ];
} }

3
configs/porani/tinc.nix
View file

@ -1,5 +1,4 @@
{ config, lib, pkgs, ... }: { config, lib, pkgs, ... }: {
{
module.cluster.services.tinc = { module.cluster.services.tinc = {
"private" = { "private" = {

54
configs/porani/wifi-access-point.nix
View file

@ -1,23 +1,23 @@
{lib, pkgs, ... }: { lib, pkgs, ... }:
let let
wifi = "wlp0s29u1u2"; wifi = "wlp0s29u1u2";
ipAddress = "10.23.45.1"; ipAddress = "10.23.45.1";
prefixLength = 24; prefixLength = 24;
servedAddressRange = "10.23.45.2,10.23.45.150,12h"; servedAddressRange = "10.23.45.2,10.23.45.150,12h";
ssid="palosiot"; ssid = "palosiot";
wifiPassword=lib.fileContents <secrets/iot_wifi>; wifiPassword = lib.fileContents <secrets/iot_wifi>;
in
{ in {
# todo only open needed ports # todo only open needed ports
networking.firewall.trustedInterfaces = [ wifi ]; networking.firewall.trustedInterfaces = [ wifi ];
networking.networkmanager.unmanaged = [ wifi ]; networking.networkmanager.unmanaged = [ wifi ];
networking.dhcpcd.denyInterfaces = [ wifi ]; networking.dhcpcd.denyInterfaces = [ wifi ];
networking.interfaces."${wifi}".ipv4.addresses = [ { networking.interfaces."${wifi}".ipv4.addresses = [{
address = ipAddress; prefixLength = prefixLength; address = ipAddress;
prefixLength = prefixLength;
}]; }];
systemd.services.hostapd = { systemd.services.hostapd = {
@ -25,25 +25,33 @@ in
path = [ pkgs.hostapd ]; path = [ pkgs.hostapd ];
wantedBy = [ "network.target" ]; wantedBy = [ "network.target" ];
after = [ "${wifi}-cfg.service" "nat.service" "bind.service" "dhcpd.service" "sys-subsystem-net-devices-${wifi}.device" ]; after = [
"${wifi}-cfg.service"
"nat.service"
"bind.service"
"dhcpd.service"
"sys-subsystem-net-devices-${wifi}.device"
];
serviceConfig = { serviceConfig = {
ExecStart = "${pkgs.hostapd}/bin/hostapd ${pkgs.writeText "hostapd.conf" '' ExecStart = "${pkgs.hostapd}/bin/hostapd ${
interface=${wifi} pkgs.writeText "hostapd.conf" ''
hw_mode=g interface=${wifi}
channel=10 hw_mode=g
ieee80211d=1 channel=10
country_code=DE ieee80211d=1
ieee80211n=1 country_code=DE
wmm_enabled=1 ieee80211n=1
wmm_enabled=1
ssid=${ssid} ssid=${ssid}
auth_algs=1 auth_algs=1
wpa=2 wpa=2
wpa_key_mgmt=WPA-PSK wpa_key_mgmt=WPA-PSK
rsn_pairwise=CCMP rsn_pairwise=CCMP
wpa_passphrase=${wifiPassword} wpa_passphrase=${wifiPassword}
''}"; ''
}";
Restart = "always"; Restart = "always";
}; };
}; };

13
configs/sputnik/configuration.nix
View file

@ -1,5 +1,4 @@
{ config, pkgs, lib, ... }: { config, pkgs, lib, ... }: {
{
imports = [ imports = [
<system/proxy> <system/proxy>
@ -12,14 +11,14 @@
]; ];
networking.hostName = "sputnik"; networking.hostName = "sputnik";
networking.useDHCP = true; networking.useDHCP = true;
boot.kernelParams = [ "net.ifnames=0" ]; boot.kernelParams = [ "net.ifnames=0" ];
boot.loader.grub = { boot.loader.grub = {
enable = true; enable = true;
version = 2; version = 2;
device = "/dev/sda"; device = "/dev/sda";
}; };
# nix-shell -p speedtest_cli --run speedtest # nix-shell -p speedtest_cli --run speedtest
@ -31,7 +30,8 @@
balance = false; balance = false;
}; };
services.custom.ssh.sshd.rootKeyFiles = [ (toString <secrets/ssh/jenkins_rsa.pub>) ]; services.custom.ssh.sshd.rootKeyFiles =
[ (toString <secrets/ssh/jenkins_rsa.pub>) ];
# make sure ssh is only available trough the tinc # make sure ssh is only available trough the tinc
networking.firewall.extraCommands = '' networking.firewall.extraCommands = ''
@ -40,4 +40,3 @@
} }

15
configs/sputnik/hardware-configuration.nix
View file

@ -4,18 +4,17 @@
{ config, lib, pkgs, ... }: { config, lib, pkgs, ... }:
{ {
imports = imports = [ <nixpkgs/nixos/modules/profiles/qemu-guest.nix> ];
[ <nixpkgs/nixos/modules/profiles/qemu-guest.nix>
];
boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "virtio_pci" "sd_mod" "sr_mod" ]; boot.initrd.availableKernelModules =
[ "ata_piix" "uhci_hcd" "virtio_pci" "sd_mod" "sr_mod" ];
boot.kernelModules = [ ]; boot.kernelModules = [ ];
boot.extraModulePackages = [ ]; boot.extraModulePackages = [ ];
fileSystems."/" = fileSystems."/" = {
{ device = "/dev/disk/by-uuid/8f2986a3-d2b0-4735-be98-9ec081b87984"; device = "/dev/disk/by-uuid/8f2986a3-d2b0-4735-be98-9ec081b87984";
fsType = "ext4"; fsType = "ext4";
}; };
swapDevices = [ ]; swapDevices = [ ];

17
configs/sputnik/mail-server.nix
View file

@ -1,8 +1,8 @@
{ config, pkgs, lib, ... }: { config, pkgs, lib, ... }: {
{
imports = [ imports = [
(builtins.fetchTarball { (builtins.fetchTarball {
url = "https://gitlab.com/simple-nixos-mailserver/nixos-mailserver/-/archive/v2.2.1/nixos-mailserver-v2.2.1.tar.gz"; url =
"https://gitlab.com/simple-nixos-mailserver/nixos-mailserver/-/archive/v2.2.1/nixos-mailserver-v2.2.1.tar.gz";
sha256 = "03d49v8qnid9g9rha0wg2z6vic06mhp0b049s3whccn1axvs2zzx"; sha256 = "03d49v8qnid9g9rha0wg2z6vic06mhp0b049s3whccn1axvs2zzx";
}) })
]; ];
@ -16,22 +16,21 @@
# nix-shell -p mkpasswd --run 'mkpasswd -m sha-512 "super secret password"' # nix-shell -p mkpasswd --run 'mkpasswd -m sha-512 "super secret password"'
loginAccounts = { loginAccounts = {
"root@gaykraft.com" = { "root@gaykraft.com" = {
hashedPassword = lib.fileContents <secrets/mailserver/hashedPasswords/root_at_gaykraft.com>; hashedPassword = lib.fileContents
<secrets/mailserver/hashedPasswords/root_at_gaykraft.com>;
#aliases = [ #aliases = [
# "postmaster@gaykraft.com" # "postmaster@gaykraft.com"
#]; #];
# Make this user the catchAll address for domains # Make this user the catchAll address for domains
catchAll = [ catchAll = [ "gaykraft.com" ];
"gaykraft.com"
];
}; };
}; };
# Extra virtual aliases. These are email addresses that are forwarded to # Extra virtual aliases. These are email addresses that are forwarded to
# loginAccounts addresses. # loginAccounts addresses.
#extraVirtualAliases = { #extraVirtualAliases = {
# address = forward address; # address = forward address;
#"abuse@example.com" = "user1@example.com"; #"abuse@example.com" = "user1@example.com";
#}; #};
# Use Let's Encrypt certificates. Note that this needs to set up a stripped # Use Let's Encrypt certificates. Note that this needs to set up a stripped

117
configs/sputnik/nginx.nix
View file

@ -1,5 +1,4 @@
{ config, lib, pkgs, ... }: { config, lib, pkgs, ... }: {
{
networking.firewall.allowedTCPPorts = [ 80 443 ]; networking.firewall.allowedTCPPorts = [ 80 443 ];
@ -9,26 +8,38 @@
"git.ingolf-wagner.de" = { "git.ingolf-wagner.de" = {
listen = [ listen = [
{ addr = "0.0.0.0"; port = 4443; ssl = true; } {
{ addr = "0.0.0.0"; port = 80; ssl = false; } addr = "0.0.0.0";
port = 4443;
ssl = true;
}
{
addr = "0.0.0.0";
port = 80;
ssl = false;
}
]; ];
forceSSL = true; forceSSL = true;
enableACME = true; enableACME = true;
locations."/" = { locations."/" = { proxyPass = "http://workhorse.private:3000"; };
proxyPass = "http://workhorse.private:3000";
};
}; };
"paste.ingolf-wagner.de" = { "paste.ingolf-wagner.de" = {
listen = [ listen = [
{ addr = "0.0.0.0"; port = 4443; ssl = true; } {
{ addr = "0.0.0.0"; port = 80; ssl = false; } addr = "0.0.0.0";
port = 4443;
ssl = true;
}
{
addr = "0.0.0.0";
port = 80;
ssl = false;
}
]; ];
forceSSL = true; forceSSL = true;
enableACME = true; enableACME = true;
locations."/" = { locations."/" = { proxyPass = "http://workhorse.private:8000"; };
proxyPass = "http://workhorse.private:8000";
};
}; };
#"landing.ingolf-wagner.de" = { #"landing.ingolf-wagner.de" = {
@ -46,10 +57,18 @@
"tech.ingolf-wagner.de" = { "tech.ingolf-wagner.de" = {
listen = [ listen = [
{ addr = "0.0.0.0"; port = 4443; ssl = true; } {
{ addr = "0.0.0.0"; port = 80; ssl = false; } addr = "0.0.0.0";
port = 4443;
ssl = true;
}
{
addr = "0.0.0.0";
port = 80;
ssl = false;
}
]; ];
forceSSL = true; forceSSL = true;
enableACME = true; enableACME = true;
locations."/" = { locations."/" = {
root = "/srv/www/tech"; root = "/srv/www/tech";
@ -63,10 +82,18 @@
"terranix.org" = { "terranix.org" = {
listen = [ listen = [
{ addr = "0.0.0.0"; port = 4443; ssl = true; } {
{ addr = "0.0.0.0"; port = 80; ssl = false; } addr = "0.0.0.0";
port = 4443;
ssl = true;
}
{
addr = "0.0.0.0";
port = 80;
ssl = false;
}
]; ];
forceSSL = true; forceSSL = true;
enableACME = true; enableACME = true;
locations."/" = { locations."/" = {
root = "/srv/www/terranix"; root = "/srv/www/terranix";
@ -78,13 +105,20 @@
}; };
}; };
"seafile.gaykraft.com" = { "seafile.gaykraft.com" = {
listen = [ listen = [
{ addr = "0.0.0.0"; port = 4443; ssl = true; } {
{ addr = "0.0.0.0"; port = 80; ssl = false; } addr = "0.0.0.0";
port = 4443;
ssl = true;
}
{
addr = "0.0.0.0";
port = 80;
ssl = false;
}
]; ];
forceSSL = true; forceSSL = true;
enableACME = true; enableACME = true;
locations."/" = { locations."/" = {
proxyPass = "http://workhorse.private:3030"; proxyPass = "http://workhorse.private:3030";
@ -105,14 +139,20 @@
"gaykraft.com" = { "gaykraft.com" = {
listen = [ listen = [
{ addr = "0.0.0.0"; port = 4443; ssl = true; } {
{ addr = "0.0.0.0"; port = 80; ssl = false; } addr = "0.0.0.0";
port = 4443;
ssl = true;
}
{
addr = "0.0.0.0";
port = 80;
ssl = false;
}
]; ];
forceSSL = true; forceSSL = true;
enableACME = true; enableACME = true;
locations."/" = { locations."/" = { root = "/srv/www/gaykraft"; };
root = "/srv/www/gaykraft";
};
}; };
}; };
@ -124,14 +164,15 @@
port = 443; port = 443;
verbose = false; verbose = false;
transparent = true; transparent = true;
appendConfig = /* json */ '' appendConfig = # json
protocols: ''
( protocols:
{ name: "ssh"; service: "ssh"; host: "localhost"; port: "2222"; probe: "builtin"; }, (
{ name: "ssl"; host: "localhost"; port: "4443"; probe: "builtin"; }, { name: "ssh"; service: "ssh"; host: "localhost"; port: "2222"; probe: "builtin"; },
{ name: "tinc"; host: "localhost"; port: "655"; probe: "builtin"; } { name: "ssl"; host: "localhost"; port: "4443"; probe: "builtin"; },
); { name: "tinc"; host: "localhost"; port: "655"; probe: "builtin"; }
''; );
'';
}; };
systemd.services."socat-proxy" = { systemd.services."socat-proxy" = {

3
configs/sputnik/tinc.nix
View file

@ -1,5 +1,4 @@
{ config, lib, pkgs, ... }: { config, lib, pkgs, ... }: {
{
module.cluster.services.tinc = { module.cluster.services.tinc = {
"private" = { "private" = {
enable = true; enable = true;

21
configs/sterni/configuration.nix
View file

@ -1,6 +1,4 @@
{ config, pkgs, lib, ... }: { config, pkgs, lib, ... }: {
{
imports = [ imports = [
@ -15,13 +13,13 @@
]; ];
networking.hostName = "sterni"; networking.hostName = "sterni";
system.custom.wifi.interfaces = ["wlp3s0"]; system.custom.wifi.interfaces = [ "wlp3s0" ];
security.wrappers = { security.wrappers = {
pmount.source = "${pkgs.pmount}/bin/pmount"; pmount.source = "${pkgs.pmount}/bin/pmount";
pumount.source = "${pkgs.pmount}/bin/pumount"; pumount.source = "${pkgs.pmount}/bin/pumount";
}; };
# keybase # keybase
@ -35,16 +33,16 @@
# fonts # fonts
# ----- # -----
programs.custom.urxvt.fontSize = 12; programs.custom.urxvt.fontSize = 12;
programs.custom.xterm.fontSize = 12; programs.custom.xterm.fontSize = 12;
system.custom.fonts.dpi = 100; system.custom.fonts.dpi = 100;
virtualisation = { virtualisation = {
docker.enable = false; docker.enable = false;
virtualbox = { virtualbox = {
host.enable = false; host.enable = false;
guest.x11 = false; guest.x11 = false;
guest.enable = false; guest.enable = false;
}; };
}; };
@ -71,4 +69,3 @@
} }

36
configs/sterni/hardware-configuration.nix
View file

@ -5,11 +5,10 @@
{ {
imports = imports = [ <nixpkgs/nixos/modules/installer/scan/not-detected.nix> ];
[ <nixpkgs/nixos/modules/installer/scan/not-detected.nix>
];
boot.initrd.availableKernelModules = [ "ehci_pci" "ahci" "xhci_pci" "usb_storage" "sd_mod" "sdhci_pci" ]; boot.initrd.availableKernelModules =
[ "ehci_pci" "ahci" "xhci_pci" "usb_storage" "sd_mod" "sdhci_pci" ];
boot.initrd.kernelModules = [ "dm-snapshot" ]; boot.initrd.kernelModules = [ "dm-snapshot" ];
boot.kernelModules = [ "kvm-intel" ]; boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = [ ]; boot.extraModulePackages = [ ];
@ -34,8 +33,8 @@
#device = "/dev/ram2"; #device = "/dev/ram2";
#fsType = "tmpfs"; #fsType = "tmpfs";
options = [ "noatime" "nodiratime" "discard" ]; options = [ "noatime" "nodiratime" "discard" ];
device = "/dev/vg/browser"; device = "/dev/vg/browser";
fsType = "ext4"; fsType = "ext4";
}; };
nix.maxJobs = lib.mkDefault 4; nix.maxJobs = lib.mkDefault 4;
@ -43,34 +42,30 @@
# lvm volume group # lvm volume group
# ---------------- # ----------------
boot.initrd.luks.devices = [ boot.initrd.luks.devices = [{
{ name = "vg";
name = "vg"; device = "/dev/sda2";
device = "/dev/sda2"; preLVM = true;
preLVM = true; }];
}
];
# NTFS support # NTFS support
# ------------ # ------------
environment.systemPackages = [ environment.systemPackages = [ pkgs.ntfs3g ];
pkgs.ntfs3g
];
# root # root
# ---- # ----
fileSystems."/" = { fileSystems."/" = {
options = [ "noatime" "nodiratime" "discard" ]; options = [ "noatime" "nodiratime" "discard" ];
device = "/dev/vg/root"; device = "/dev/vg/root";
fsType = "ext4"; fsType = "ext4";
}; };
# home # home
# ---- # ----
fileSystems."/home" = { fileSystems."/home" = {
options = [ "noatime" "nodiratime" "discard" ]; options = [ "noatime" "nodiratime" "discard" ];
device = "/dev/vg/home"; device = "/dev/vg/home";
fsType = "ext4"; fsType = "ext4";
}; };
# /home/palo/private/.fotos.ct # /home/palo/private/.fotos.ct
@ -88,5 +83,4 @@
fsType = "vfat"; fsType = "vfat";
}; };
} }

8
configs/sterni/packages.nix
View file

@ -1,9 +1,5 @@
{ config, lib, pkgs, ... }: { config, lib, pkgs, ... }: {
{
environment.systemPackages = with pkgs ; [ environment.systemPackages = with pkgs; [ bitwig-studio sononym ];
bitwig-studio
sononym
];
} }

5
configs/sterni/syncthing.nix
View file

@ -1,5 +1,4 @@
{ config, pkgs, lib, ... }: { config, pkgs, lib, ... }: {
{
test.services.syncthing = { test.services.syncthing = {
enable = true; enable = true;
@ -43,7 +42,7 @@
enable = true; enable = true;
path = "/home/palo/smartphone-fotos"; path = "/home/palo/smartphone-fotos";
}; };
smartphone-music= { smartphone-music = {
enable = true; enable = true;
path = "/home/palo/smartphone-music"; path = "/home/palo/smartphone-music";
}; };

51
configs/sterni/wifi-access-point.nix
View file

@ -1,22 +1,21 @@
{lib, pkgs, ... }: { lib, pkgs, ... }:
let let
wifi = "wlp0s29u1u2"; wifi = "wlp0s29u1u2";
ipAddress = "10.123.145.1"; ipAddress = "10.123.145.1";
prefixLength = 24; prefixLength = 24;
servedAddressRange = "10.123.145.2,10.123.145.150,12h"; servedAddressRange = "10.123.145.2,10.123.145.150,12h";
ssid="bumbumbum"; ssid = "bumbumbum";
wifiPassword=lib.fileContents <secrets/wifi-access-point>; wifiPassword = lib.fileContents <secrets/wifi-access-point>;
in
{ in {
# todo only open needed ports # todo only open needed ports
networking.firewall.trustedInterfaces = [ wifi ]; networking.firewall.trustedInterfaces = [ wifi ];
networking.networkmanager.unmanaged = [ wifi ]; networking.networkmanager.unmanaged = [ wifi ];
networking.dhcpcd.denyInterfaces = [ wifi ]; networking.dhcpcd.denyInterfaces = [ wifi ];
networking.interfaces."${wifi}".ipv4.addresses = [ { networking.interfaces."${wifi}".ipv4.addresses = [{
address = ipAddress; address = ipAddress;
prefixLength = prefixLength; prefixLength = prefixLength;
}]; }];
@ -35,25 +34,33 @@ in
# start manual # start manual
# wantedBy = [ "network.target" ]; # wantedBy = [ "network.target" ];
after = [ "${wifi}-cfg.service" "nat.service" "bind.service" "dhcpd.service" "sys-subsystem-net-devices-${wifi}.device" ]; after = [
"${wifi}-cfg.service"
"nat.service"
"bind.service"
"dhcpd.service"
"sys-subsystem-net-devices-${wifi}.device"
];
serviceConfig = { serviceConfig = {
ExecStart = "${pkgs.hostapd}/bin/hostapd ${pkgs.writeText "hostapd.conf" '' ExecStart = "${pkgs.hostapd}/bin/hostapd ${
interface=${wifi} pkgs.writeText "hostapd.conf" ''
hw_mode=g interface=${wifi}
channel=10 hw_mode=g
ieee80211d=1 channel=10
country_code=DE ieee80211d=1
ieee80211n=1 country_code=DE
wmm_enabled=1 ieee80211n=1
wmm_enabled=1
ssid=${ssid} ssid=${ssid}
auth_algs=1 auth_algs=1
wpa=2 wpa=2
wpa_key_mgmt=WPA-PSK wpa_key_mgmt=WPA-PSK
rsn_pairwise=CCMP rsn_pairwise=CCMP
wpa_passphrase=${wifiPassword} wpa_passphrase=${wifiPassword}
''}"; ''
}";
Restart = "always"; Restart = "always";
}; };
}; };

22
configs/workhorse/bepasty.nix
View file

@ -1,8 +1,7 @@
{ config, pkgs, lib, ... }: { config, pkgs, lib, ... }:
with lib; with lib;
let let port = 8000;
port = 8000;
in { in {
# configure nginx # configure nginx
@ -18,7 +17,9 @@ in {
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header X-Forwarded-Proto $scheme;
proxy_read_timeout 90; proxy_read_timeout 90;
proxy_redirect http://localhost:${toString port} https://paste.workhorse.private/; proxy_redirect http://localhost:${
toString port
} https://paste.workhorse.private/;
''; '';
}; };
}; };
@ -38,19 +39,20 @@ in {
secretKeyFile = config.krops.userKeys."bepasty".target; secretKeyFile = config.krops.userKeys."bepasty".target;
extraConfig = '' extraConfig = ''
PERMISSIONS = { PERMISSIONS = {
'${lib.fileContents <common_secrets/bepasty/admin-password>}': 'admin,list,create,read,delete', '${
lib.fileContents <common_secrets/bepasty/admin-password>
}': 'admin,list,create,read,delete',
} }
''; '';
}; };
}; };
/* fix bepasty service */ # fix bepasty service
nixpkgs.overlays = let nixpkgs.overlays = let
overlay = self: super: overlay = self: super: {
{ bepasty =
bepasty = super.bepasty.override { python3Packages = pkgs.python27Packages; }; super.bepasty.override { python3Packages = pkgs.python27Packages; };
}; };
in in [ overlay ];
[ overlay ];
} }

17
configs/workhorse/configuration.nix
View file

@ -1,5 +1,4 @@
{ lib, config, pkgs, ... }: { lib, config, pkgs, ... }: {
{
imports = [ imports = [
<system/server> <system/server>
@ -29,7 +28,7 @@
]; ];
networking.hostName = "workhorse"; networking.hostName = "workhorse";
# enable initrd ssh # enable initrd ssh
configuration.init-ssh = { configuration.init-ssh = {
@ -48,8 +47,8 @@
}; };
security.wrappers = { security.wrappers = {
pmount.source = "${pkgs.pmount}/bin/pmount"; pmount.source = "${pkgs.pmount}/bin/pmount";
pumount.source = "${pkgs.pmount}/bin/pumount"; pumount.source = "${pkgs.pmount}/bin/pumount";
}; };
services.logind.lidSwitch = lib.mkForce "ignore"; services.logind.lidSwitch = lib.mkForce "ignore";
@ -59,8 +58,8 @@
# font # font
# ---- # ----
programs.custom.urxvt.fontSize = 17; programs.custom.urxvt.fontSize = 17;
programs.custom.xterm.fontSize = 17; programs.custom.xterm.fontSize = 17;
system.custom.fonts.dpi = 140; system.custom.fonts.dpi = 140;
services.printing.enable = true; services.printing.enable = true;
@ -69,8 +68,8 @@
virtualisation = { virtualisation = {
docker.enable = true; docker.enable = true;
virtualbox = { virtualbox = {
host.enable = true; host.enable = true;
guest.x11 = true; guest.x11 = true;
guest.enable = true; guest.enable = true;
}; };
}; };

11
configs/workhorse/gogs.nix
View file

@ -1,14 +1,15 @@
{ config, lib, ... }: { config, lib, ... }: {
{
services.nginx = { services.nginx = {
enable = true; enable = true;
statusPage = true; statusPage = true;
virtualHosts = { virtualHosts = {
"gogs.${config.networking.hostName}.private" = { "gogs.${config.networking.hostName}.private" = {
serverAliases = ["git.${config.networking.hostName}.private"]; serverAliases = [ "git.${config.networking.hostName}.private" ];
locations."/" = { locations."/" = {
proxyPass = "http://${config.networking.hostName}.private:${toString config.services.gogs.httpPort}"; proxyPass = "http://${config.networking.hostName}.private:${
toString config.services.gogs.httpPort
}";
}; };
}; };
}; };
@ -31,7 +32,7 @@
SSH_PORT = 443 SSH_PORT = 443
START_SSH_SERVER = true START_SSH_SERVER = true
SSH_LISTEN_PORT = 2222 SSH_LISTEN_PORT = 2222
''; '';
}; };
backup.all.restic.dirs = [ config.services.gogs.repositoryRoot ]; backup.all.restic.dirs = [ config.services.gogs.repositoryRoot ];

26
configs/workhorse/grafana.nix
View file

@ -1,13 +1,14 @@
{ config, ... }: { config, ... }: {
{
services.nginx = { services.nginx = {
enable = true; enable = true;
statusPage = true; statusPage = true;
virtualHosts = { virtualHosts = {
"grafana.${config.networking.hostName}.private" = { "grafana.${config.networking.hostName}.private" = {
serverAliases = []; serverAliases = [ ];
locations."/" = { locations."/" = {
proxyPass = "http://${config.networking.hostName}.private:${toString config.services.grafana.port}"; proxyPass = "http://${config.networking.hostName}.private:${
toString config.services.grafana.port
}";
}; };
}; };
}; };
@ -16,7 +17,8 @@
services.grafana = { services.grafana = {
enable = true; enable = true;
port = 5656; port = 5656;
addr = config.module.cluster.services.tinc."private".hosts."${config.networking.hostName}".tincIp; addr =
config.module.cluster.services.tinc."private".hosts."${config.networking.hostName}".tincIp;
auth.anonymous = { auth.anonymous = {
enable = true; enable = true;
org_role = "Editor"; org_role = "Editor";
@ -24,14 +26,12 @@
}; };
provision = { provision = {
enable = true; enable = true;
datasources = [ datasources = [{
{ type = "prometheus";
type = "prometheus"; isDefault = true;
isDefault = true; name = "Prometheus Workhorse";
name = "Prometheus Workhorse"; url = "http://workhorse.private:9090";
url = "http://workhorse.private:9090"; }];
}
];
}; };
}; };

19
configs/workhorse/graylog.nix
View file

@ -1,8 +1,6 @@
{ config, lib, pkgs, ... }: { config, lib, pkgs, ... }:
let let port = 9000;
port = 9000; in {
in
{
# configure nginx # configure nginx
services.nginx = { services.nginx = {
enable = true; enable = true;
@ -16,7 +14,9 @@ in
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header X-Forwarded-Proto $scheme;
proxy_read_timeout 90; proxy_read_timeout 90;
proxy_redirect http://localhost:${toString port} https://graylog.workhorse.private/; proxy_redirect http://localhost:${
toString port
} https://graylog.workhorse.private/;
''; '';
}; };
}; };
@ -27,7 +27,8 @@ in
services.mongodb.enable = true; services.mongodb.enable = true;
services.graylog.enable = true; services.graylog.enable = true;
services.graylog.elasticsearchHosts = [ "http://${config.services.elasticsearch.listenAddress}:9200" ]; services.graylog.elasticsearchHosts =
[ "http://${config.services.elasticsearch.listenAddress}:9200" ];
# https://docs.graylog.org/en/3.0/pages/configuration/server.conf.html # https://docs.graylog.org/en/3.0/pages/configuration/server.conf.html
services.graylog.extraConfig = '' services.graylog.extraConfig = ''
@ -39,10 +40,12 @@ in
services.graylog.nodeIdFile = "/var/lib/graylog/node-id"; services.graylog.nodeIdFile = "/var/lib/graylog/node-id";
# pwgen -N 1 -s 96 # pwgen -N 1 -s 96
services.graylog.passwordSecret = lib.fileContents <secrets/graylog/password-secret>; services.graylog.passwordSecret =
lib.fileContents <secrets/graylog/password-secret>;
# echo -n yourpassword | shasum -a 256 # echo -n yourpassword | shasum -a 256
services.graylog.rootPasswordSha2 = lib.fileContents <secrets/graylog/root-password-hash>; services.graylog.rootPasswordSha2 =
lib.fileContents <secrets/graylog/root-password-hash>;
environment.etc."graylog/server/GeoLite2-City.mmdb" = { environment.etc."graylog/server/GeoLite2-City.mmdb" = {
enable = true; enable = true;

72
configs/workhorse/hardware-configuration.nix
View file

@ -1,40 +1,34 @@
{ config, lib, pkgs, ... }: { config, lib, pkgs, ... }:
let let mainUserHome = "/home/palo";
mainUserHome = "/home/palo"; in {
in
{
# grub configuration # grub configuration
# ------------------ # ------------------
boot.loader.grub = { boot.loader.grub = {
device = "/dev/sda"; device = "/dev/sda";
enable = true; enable = true;
version = 2; version = 2;
}; };
# lvm volume group # lvm volume group
# ---------------- # ----------------
boot.initrd.luks.devices = [ boot.initrd.luks.devices = [{
{ name = "vg";
name = "vg"; device = "/dev/sda2";
device = "/dev/sda2"; preLVM = true;
preLVM = true; }];
}
];
# NTFS support # NTFS support
# ------------ # ------------
environment.systemPackages = [ environment.systemPackages = [ pkgs.ntfs3g ];
pkgs.ntfs3g
];
# root # root
# ---- # ----
fileSystems."/" = { fileSystems."/" = {
options = [ "noatime" "nodiratime" "discard" ]; options = [ "noatime" "nodiratime" "discard" ];
device = "/dev/vg/root"; device = "/dev/vg/root";
fsType = "ext4"; fsType = "ext4";
}; };
# boot # boot
@ -47,28 +41,28 @@ in
# home # home
# ---- # ----
fileSystems."/home" = { fileSystems."/home" = {
options = [ "noatime" "nodiratime" ]; options = [ "noatime" "nodiratime" ];
device = "/dev/mapper/decrypted_home"; device = "/dev/mapper/decrypted_home";
fsType = "ext4"; fsType = "ext4";
encrypted = { encrypted = {
enable = true; enable = true;
keyFile = "/mnt-root/root/keys/home.key"; keyFile = "/mnt-root/root/keys/home.key";
label = "decrypted_home"; label = "decrypted_home";
blkDev = "/dev/mapper/store-home"; blkDev = "/dev/mapper/store-home";
}; };
}; };
# var/lib/docker # var/lib/docker
# -------------- # --------------
fileSystems."/var/lib/docker" = { fileSystems."/var/lib/docker" = {
options = [ "noatime" "nodiratime" ]; options = [ "noatime" "nodiratime" ];
device = "/dev/mapper/decrypted_docker"; device = "/dev/mapper/decrypted_docker";
fsType = "ext4"; fsType = "ext4";
encrypted = { encrypted = {
enable = true; enable = true;
keyFile = "/mnt-root/root/keys/docker.key"; keyFile = "/mnt-root/root/keys/docker.key";
label = "decrypted_docker"; label = "decrypted_docker";
blkDev = "/dev/mapper/store-docker"; blkDev = "/dev/mapper/store-docker";
}; };
}; };
@ -83,16 +77,14 @@ in
#"x-systemd.device-timeout=1ms" #"x-systemd.device-timeout=1ms"
]; ];
}; };
systemd.mounts = [ systemd.mounts = [{
{ enable = true;
enable = true; options = "nofail,noauto";
options = "nofail,noauto"; type = "ext4";
type = "ext4"; wantedBy = [ "multi-user.target" ];
wantedBy = ["multi-user.target"]; what = "/dev/disk/by-uuid/f7fa1c0e-ac9f-4955-b4bd-644c1ddb0d89";
what = "/dev/disk/by-uuid/f7fa1c0e-ac9f-4955-b4bd-644c1ddb0d89"; where = "/media";
where = "/media"; }];
}
];
} }

261
configs/workhorse/jenkins.nix
View file

@ -18,7 +18,8 @@ in {
virtualHosts = { virtualHosts = {
"jenkins.${config.networking.hostName}.private" = { "jenkins.${config.networking.hostName}.private" = {
locations."/" = { locations."/" = {
proxyPass = "http://localhost:${toString config.services.jenkins.port}"; proxyPass =
"http://localhost:${toString config.services.jenkins.port}";
extraConfig = '' extraConfig = ''
proxy_set_header Host $host:$server_port; proxy_set_header Host $host:$server_port;
proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Real-IP $remote_addr;
@ -26,7 +27,9 @@ in {
proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header X-Forwarded-Proto $scheme;
proxy_read_timeout 90; proxy_read_timeout 90;
proxy_redirect http://localhost:${toString config.services.jenkins.port} https://jenkins.${config.networking.hostName}.private/; proxy_redirect http://localhost:${
toString config.services.jenkins.port
} https://jenkins.${config.networking.hostName}.private/;
''; '';
}; };
}; };
@ -56,183 +59,177 @@ in {
accessUser = "admin"; accessUser = "admin";
# https://docs.openstack.org/infra/jenkins-job-builder/definition.html#modules # https://docs.openstack.org/infra/jenkins-job-builder/definition.html#modules
nixJobs = nixJobs = let
let # ssh username + key
# ssh username + key gogs-id = "bc584c99-0fb7-43fb-af75-4076d64c51b2";
gogs-id = "bc584c99-0fb7-43fb-af75-4076d64c51b2"; # ssh username + key
# ssh username + key github-id = "bc584c99-0fb7-43fb-af75-4076d64c51b2";
github-id = "bc584c99-0fb7-43fb-af75-4076d64c51b2"; # ssh username + key
# ssh username + key sshSputnik = "d91eb57c-5bff-434c-b317-68aad46848d7";
sshSputnik = "d91eb57c-5bff-434c-b317-68aad46848d7";
sync-to-github = sync-to-github = name: source: target:
name: source: target: sync-repo name {
sync-repo name url = source;
{ credentialsId = gogs-id;
url = source; } {
credentialsId = gogs-id; url = target;
} credentialsId = github-id;
{ };
url = target;
credentialsId = github-id;
};
in [ in [
(job "deploy-gaykraft" {
url = "ssh://gogs@workhorse.private:2222/palo/gaykraft.git";
credentialsId = gogs-id;
} [
{ "build" = [ "nix-shell --run build" ]; }
{
"publish" = [{
script = "nix-shell --run publish";
credentialsId = sshSputnik;
}];
}
])
(job "deploy-gaykraft" (job "deploy-techblock" {
{ url = "ssh://gogs@workhorse.private:2222/palo/gaykraft.git"; url =
credentialsId = gogs-id; } "ssh://gogs@workhorse.private:2222/palo/tech.ingolf-wagner.de.git";
[ credentialsId = gogs-id;
{ "build" = [ } [
"nix-shell --run build" { "build" = [ "nix-shell --run build" ]; }
]; {
} "publish" = [{
{ "publish" = [ script = "nix-shell --run publish";
{ credentialsId = sshSputnik;
script = "nix-shell --run publish"; }];
credentialsId = sshSputnik; }
} ])
];
}
]
)
(job "deploy-techblock" (job "deploy-terranix" {
{ url = "ssh://gogs@workhorse.private:2222/palo/tech.ingolf-wagner.de.git"; url = "ssh://gogs@workhorse.private:2222/terranix/terranix.org.git";
credentialsId = gogs-id; } credentialsId = gogs-id;
[ } [
{ "build" = ["nix-shell --run build"];} { "build" = [ "nix-shell --run build" ]; }
{ "publish" = [ {
{ "publish" = [{
script = "nix-shell --run publish"; script = "nix-shell --run publish";
credentialsId = sshSputnik; credentialsId = sshSputnik;
} }];
];} }
]) ])
(job "deploy-terranix" (job "sync-retiolum" {
{ url = "ssh://gogs@workhorse.private:2222/terranix/terranix.org.git"; url = "git@github.com:krebs/retiolum.git";
credentialsId = gogs-id; }
[
{ "build" = ["nix-shell --run build"];}
{ "publish" = [
{
script = "nix-shell --run publish";
credentialsId = sshSputnik;
}
];}
])
(job "sync-retiolum"
{ url = "git@github.com:krebs/retiolum.git";
credentialsId = github-id; credentialsId = github-id;
triggers = [ { timed = "H/30 * * * *"; } ];} triggers = [{ timed = "H/30 * * * *"; }];
[ } [
{ "Download Files" = [ {
''chmod 755 hosts'' "Download Files" = [
''chmod 755 -R hosts'' "chmod 755 hosts"
''nix-shell -p curl -p gnutar -p bzip2 --run "curl https://lassul.us/retiolum-hosts.tar.bz2 | tar xvjf - || true"'' "chmod 755 -R hosts"
''chmod 755 -R etc.hosts'' ''
''nix-shell -p curl --run "curl https://lassul.us/retiolum.hosts > etc.hosts || true"'' nix-shell -p curl -p gnutar -p bzip2 --run "curl https://lassul.us/retiolum-hosts.tar.bz2 | tar xvjf - || true"''
];} "chmod 755 -R etc.hosts"
{ "update repo" = [ ''
nix-shell -p curl --run "curl https://lassul.us/retiolum.hosts > etc.hosts || true"''
];
}
{
"update repo" = [
''nix-shell -p git --run "git add ."'' ''nix-shell -p git --run "git add ."''
''nix-shell -p git --run "git -c user.name=\'Ingolf Wagner\' -c user.email=\'contact@ingolf-wagner.de\' commit -m update-`date +%Y-%m-%dT%H:%M:%S` || exit 0"'' ''
];} nix-shell -p git --run "git -c user.name=\'Ingolf Wagner\' -c user.email=\'contact@ingolf-wagner.de\' commit -m update-`date +%Y-%m-%dT%H:%M:%S` || exit 0"''
{ Push = [ ];
{ script = ''nix-shell -p git --run "git push origin master"''; }
credentialsId = github-id; } {
];} Push = [{
]) script = ''nix-shell -p git --run "git push origin master"'';
credentialsId = github-id;
}];
}
])
(job "test-terranix" (job "test-terranix" {
{ url = "ssh://gogs@workhorse.private:2222/terranix/terranix.git"; url = "ssh://gogs@workhorse.private:2222/terranix/terranix.git";
credentialsId = github-id; credentialsId = github-id;
branch = "develop";} branch = "develop";
[ } [{
{ "run Tests" = [ "run Tests" = [ ''nix-shell tests/shell.nix --run "test-terranix"'' ];
''nix-shell tests/shell.nix --run "test-terranix"'' }])
];}
])
(job "test-taskninja" (job "test-taskninja" {
{ url = "ssh://gogs@workhorse.private:2222/palo/taskninja.git"; url = "ssh://gogs@workhorse.private:2222/palo/taskninja.git";
credentialsId = gogs-id; } credentialsId = gogs-id;
[ } [
{ "Create Shell" = [ {
''nix-shell -p cabal2nix --run "cabal2nix --shell file://. > jenkins.nix"'' "Create Shell" = [
];} ''
{ Update = [ nix-shell -p cabal2nix --run "cabal2nix --shell file://. > jenkins.nix"''
''nix-shell ./jenkins.nix --run "cabal update"'' ];
];} }
{ Configure = [ { Update = [ ''nix-shell ./jenkins.nix --run "cabal update"'' ]; }
{
Configure = [
''nix-shell ./jenkins.nix --run "cabal configure --enable-tests"'' ''nix-shell ./jenkins.nix --run "cabal configure --enable-tests"''
''nix-shell ./jenkins.nix --run "cabal install --only-dependencies"'' ''
];} nix-shell ./jenkins.nix --run "cabal install --only-dependencies"''
{ Build = [ ];
''nix-shell ./jenkins.nix --run "cabal build"'' }
];} { Build = [ ''nix-shell ./jenkins.nix --run "cabal build"'' ]; }
{ Test = [ { Test = [ ''nix-shell ./jenkins.nix --run "cabal test"'' ]; }
''nix-shell ./jenkins.nix --run "cabal test"'' ])
];}
])
# sync to me
# sync to me # ----------
# ---------- (sync-to-github "sync-nixwriters" "https://cgit.krebsco.de/nix-writers/"
(sync-to-github "sync-nixwriters"
"https://cgit.krebsco.de/nix-writers/"
"ssh://gogs@workhorse.private:2222/krebs/nix-writers.git") "ssh://gogs@workhorse.private:2222/krebs/nix-writers.git")
(sync-to-github "sync-krops" (sync-to-github "sync-krops" "https://cgit.krebsco.de/krops/"
"https://cgit.krebsco.de/krops/"
"ssh://gogs@workhorse.private:2222/krebs/krops.git") "ssh://gogs@workhorse.private:2222/krebs/krops.git")
# sync to github
# sync to github # --------------
# -------------- (sync-to-github "sync-radiodj"
(sync-to-github "sync-radiodj"
"ssh://gogs@workhorse.private:2222/crashburn_radio/radio_dj.git" "ssh://gogs@workhorse.private:2222/crashburn_radio/radio_dj.git"
"git@github.com:crashburn-radio/radio-dj.git") "git@github.com:crashburn-radio/radio-dj.git")
(sync-to-github "sync-krops-module" (sync-to-github "sync-krops-module"
"ssh://gogs@workhorse.private:2222/nix-modules/krops.git" "ssh://gogs@workhorse.private:2222/nix-modules/krops.git"
"git@github.com:mrVanDalo/module.krops.git") "git@github.com:mrVanDalo/module.krops.git")
(sync-to-github "sync-cluster-module" (sync-to-github "sync-cluster-module"
"ssh://gogs@workhorse.private:2222/nix-modules/cluster.git" "ssh://gogs@workhorse.private:2222/nix-modules/cluster.git"
"git@github.com:mrVanDalo/module.cluster.git") "git@github.com:mrVanDalo/module.cluster.git")
(sync-to-github "sync-backup-module" (sync-to-github "sync-backup-module"
"ssh://gogs@workhorse.private:2222/nix-modules/backup.git" "ssh://gogs@workhorse.private:2222/nix-modules/backup.git"
"git@github.com:mrVanDalo/module.backup.git") "git@github.com:mrVanDalo/module.backup.git")
(sync-to-github "sync-module-tinc" (sync-to-github "sync-module-tinc"
"ssh://gogs@workhorse.private:2222/palo/nixos-tinc.git" "ssh://gogs@workhorse.private:2222/palo/nixos-tinc.git"
"git@github.com:mrVanDalo/nixos-tinc.git") "git@github.com:mrVanDalo/nixos-tinc.git")
(sync-to-github "sync-memo" (sync-to-github "sync-memo"
"ssh://gogs@workhorse.private:2222/palo/memo.git" "ssh://gogs@workhorse.private:2222/palo/memo.git"
"git@github.com:mrVanDalo/memo.git") "git@github.com:mrVanDalo/memo.git")
(sync-to-github "sync-diagrams-template" (sync-to-github "sync-diagrams-template"
"ssh://gogs@workhorse.private:2222/palo/diagrams-template.git" "ssh://gogs@workhorse.private:2222/palo/diagrams-template.git"
"git@github.com:mrVanDalo/diagrams.git") "git@github.com:mrVanDalo/diagrams.git")
(sync-to-github "sync-terranix" (sync-to-github "sync-terranix"
"ssh://gogs@workhorse.private:2222/terranix/terranix.git" "ssh://gogs@workhorse.private:2222/terranix/terranix.git"
"git@github.com:mrVanDalo/terranix.git") "git@github.com:mrVanDalo/terranix.git")
(sync-to-github "sync-plops" (sync-to-github "sync-plops"
"ssh://gogs@workhorse.private:2222/palo/plops.git" "ssh://gogs@workhorse.private:2222/palo/plops.git"
"git@github.com:mrVanDalo/plops.git") "git@github.com:mrVanDalo/plops.git")
(sync-to-github "sync-image-generator" (sync-to-github "sync-image-generator"
"ssh://gogs@workhorse.private:2222/palo/image-generator.git" "ssh://gogs@workhorse.private:2222/palo/image-generator.git"
"git@github.com:mrVanDalo/image-generator.git") "git@github.com:mrVanDalo/image-generator.git")
]; ];
}; };
}; };

9
configs/workhorse/kibana.nix
View file

@ -1,13 +1,14 @@
{ config, ... }: { config, ... }: {
{
services.nginx = { services.nginx = {
enable = true; enable = true;
statusPage = true; statusPage = true;
virtualHosts = { virtualHosts = {
"kibana.${config.networking.hostName}.private" = { "kibana.${config.networking.hostName}.private" = {
serverAliases = []; serverAliases = [ ];
locations."/" = { locations."/" = {
proxyPass = "http://${config.networking.hostName}.private:${toString config.services.kibana.port}"; proxyPass = "http://${config.networking.hostName}.private:${
toString config.services.kibana.port
}";
}; };
}; };
}; };

31
configs/workhorse/lektor-gaykraft.nix
View file

@ -14,9 +14,10 @@ in {
statusPage = true; statusPage = true;
virtualHosts = { virtualHosts = {
"${containerName}.${config.networking.hostName}.private" = { "${containerName}.${config.networking.hostName}.private" = {
serverAliases = []; serverAliases = [ ];
locations."/" = { locations."/" = {
proxyPass = "http://${config.networking.hostName}.private:${toString port}"; proxyPass =
"http://${config.networking.hostName}.private:${toString port}";
}; };
}; };
}; };
@ -32,23 +33,23 @@ in {
}; };
autoStart = true; autoStart = true;
config = config = { config, pkgs, ... }: {
{ config, pkgs, ... }: imports = [ <system/all> ];
{ services.lektor = {
imports = [ <system/all> ]; enable = true;
services.lektor = { host = "git.ingolf-wagner.de";
enable = true; sshKey = sshKey;
host = "git.ingolf-wagner.de"; repository = repository;
sshKey = sshKey; port = port;
repository = repository; additionalScript =
port = port; pkgs.writeScript "build" "${pkgs.nix}/bin/nix-shell --run build";
additionalScript = pkgs.writeScript "build" "${pkgs.nix}/bin/nix-shell --run build";
};
}; };
};
}; };
# it might take some time will this thing is up # it might take some time will this thing is up
systemd.services."container@${containerName}".serviceConfig.TimeoutStartSec = lib.mkForce "infinity"; systemd.services."container@${containerName}".serviceConfig.TimeoutStartSec =
lib.mkForce "infinity";
} }

34
configs/workhorse/lektor-techblog.nix
View file

@ -4,7 +4,8 @@ let
containerName = "techblog"; containerName = "techblog";
port = 5002; port = 5002;
repository = "ssh://gogs@git.ingolf-wagner.de:443/palo/tech.ingolf-wagner.de.git"; repository =
"ssh://gogs@git.ingolf-wagner.de:443/palo/tech.ingolf-wagner.de.git";
sshKey = toString <secrets/lektor/techblog>; sshKey = toString <secrets/lektor/techblog>;
in { in {
@ -14,9 +15,10 @@ in {
statusPage = true; statusPage = true;
virtualHosts = { virtualHosts = {
"${containerName}.${config.networking.hostName}.private" = { "${containerName}.${config.networking.hostName}.private" = {
serverAliases = []; serverAliases = [ ];
locations."/" = { locations."/" = {
proxyPass = "http://${config.networking.hostName}.private:${toString port}"; proxyPass =
"http://${config.networking.hostName}.private:${toString port}";
}; };
}; };
}; };
@ -32,23 +34,23 @@ in {
}; };
autoStart = true; autoStart = true;
config = config = { config, pkgs, ... }: {
{ config, pkgs, ... }: imports = [ <system/all> ];
{ services.lektor = {
imports = [ <system/all> ]; enable = true;
services.lektor = { host = "git.ingolf-wagner.de";
enable = true; sshKey = sshKey;
host = "git.ingolf-wagner.de"; repository = repository;
sshKey = sshKey; port = port;
repository = repository; additionalScript =
port = port; pkgs.writeScript "build" "${pkgs.nix}/bin/nix-shell --run build";
additionalScript = pkgs.writeScript "build" "${pkgs.nix}/bin/nix-shell --run build";
};
}; };
};
}; };
# it might take some time will this thing is up # it might take some time will this thing is up
systemd.services."container@${containerName}".serviceConfig.TimeoutStartSec = lib.mkForce "infinity"; systemd.services."container@${containerName}".serviceConfig.TimeoutStartSec =
lib.mkForce "infinity";
} }

31
configs/workhorse/lektor-terranix.nix
View file

@ -14,9 +14,10 @@ in {
statusPage = true; statusPage = true;
virtualHosts = { virtualHosts = {
"${containerName}.${config.networking.hostName}.private" = { "${containerName}.${config.networking.hostName}.private" = {
serverAliases = []; serverAliases = [ ];
locations."/" = { locations."/" = {
proxyPass = "http://${config.networking.hostName}.private:${toString port}"; proxyPass =
"http://${config.networking.hostName}.private:${toString port}";
}; };
}; };
}; };
@ -32,23 +33,23 @@ in {
}; };
autoStart = true; autoStart = true;
config = config = { config, pkgs, ... }: {
{ config, pkgs, ... }: imports = [ <system/all> ];
{ services.lektor = {
imports = [ <system/all> ]; enable = true;
services.lektor = { host = "git.ingolf-wagner.de";
enable = true; sshKey = sshKey;
host = "git.ingolf-wagner.de"; repository = repository;
sshKey = sshKey; port = port;
repository = repository; additionalScript =
port = port; pkgs.writeScript "build" "${pkgs.nix}/bin/nix-shell --run build";
additionalScript = pkgs.writeScript "build" "${pkgs.nix}/bin/nix-shell --run build";
};
}; };
};
}; };
# it might take some time will this thing is up # it might take some time will this thing is up
systemd.services."container@${containerName}".serviceConfig.TimeoutStartSec = lib.mkForce "infinity"; systemd.services."container@${containerName}".serviceConfig.TimeoutStartSec =
lib.mkForce "infinity";
} }

548
configs/workhorse/mail-fetcher.nix
View file

@ -1,51 +1,50 @@
# fetches mails for me # fetches mails for me
{ lib, pkgs, config, ... }: { lib, pkgs, config, ... }: {
{
users.users.mailUser = { users.users.mailUser = {
isNormalUser = true; isNormalUser = true;
description = "collects mails for me"; description = "collects mails for me";
hashedPassword = "!"; hashedPassword = "!";
name = "mailfetcher"; name = "mailfetcher";
openssh.authorizedKeys.keyFiles = config.users.users.root.openssh.authorizedKeys.keyFiles; openssh.authorizedKeys.keyFiles =
config.users.users.root.openssh.authorizedKeys.keyFiles;
}; };
# configure passwords # configure passwords
krops.userKeys = { krops.userKeys = {
"gmail.palipalo9" = { "gmail.palipalo9" = {
user = config.users.users.mailUser.name; user = config.users.users.mailUser.name;
source = toString <secrets/mail/gmail/palipalo9>; source = toString <secrets/mail/gmail/palipalo9>;
requiredBy = ["fetchmail.service"]; requiredBy = [ "fetchmail.service" ];
}; };
"gmx.palo_van_dalo" = { "gmx.palo_van_dalo" = {
user = config.users.users.mailUser.name; user = config.users.users.mailUser.name;
source = toString <secrets/mail/gmx/palo_van_dalo>; source = toString <secrets/mail/gmx/palo_van_dalo>;
requiredBy = ["fetchmail.service"]; requiredBy = [ "fetchmail.service" ];
}; };
"gmx.ingolf_wagner" = { "gmx.ingolf_wagner" = {
user = config.users.users.mailUser.name; user = config.users.users.mailUser.name;
source = toString <secrets/mail/gmx/ingolf.wagner>; source = toString <secrets/mail/gmx/ingolf.wagner>;
requiredBy = ["fetchmail.service"]; requiredBy = [ "fetchmail.service" ];
}; };
"web.pali_palo" = { "web.pali_palo" = {
user = config.users.users.mailUser.name; user = config.users.users.mailUser.name;
source = toString <secrets/mail/web.de/pali_palo>; source = toString <secrets/mail/web.de/pali_palo>;
requiredBy = ["fetchmail.service"]; requiredBy = [ "fetchmail.service" ];
}; };
"siteground.contact" = { "siteground.contact" = {
user = config.users.users.mailUser.name; user = config.users.users.mailUser.name;
source = toString <secrets/mail/siteground/contact>; source = toString <secrets/mail/siteground/contact>;
requiredBy = ["fetchmail.service"]; requiredBy = [ "fetchmail.service" ];
}; };
"gaykraft.root" = { "gaykraft.root" = {
user = config.users.users.mailUser.name; user = config.users.users.mailUser.name;
source = toString <secrets/mail/gaykraft/root>; source = toString <secrets/mail/gaykraft/root>;
requiredBy = ["fetchmail.service"]; requiredBy = [ "fetchmail.service" ];
}; };
"c-base.palo" = { "c-base.palo" = {
user = config.users.users.mailUser.name; user = config.users.users.mailUser.name;
source = toString <secrets/mail/c-base/palo>; source = toString <secrets/mail/c-base/palo>;
requiredBy = ["fetchmail.service"]; requiredBy = [ "fetchmail.service" ];
}; };
}; };
@ -60,7 +59,8 @@
aliases = [ ]; aliases = [ ];
realName = "Ingolf Wagner"; realName = "Ingolf Wagner";
userName = "palo_van_dalo@gmx.de"; userName = "palo_van_dalo@gmx.de";
passwordCommand = "cat ${toString config.krops.userKeys."gmx.palo_van_dalo".target}"; passwordCommand =
"cat ${toString config.krops.userKeys."gmx.palo_van_dalo".target}";
imap = { imap = {
host = "imap.gmx.net"; host = "imap.gmx.net";
port = 993; port = 993;
@ -77,7 +77,8 @@
aliases = [ ]; aliases = [ ];
realName = "Ingolf Wagner"; realName = "Ingolf Wagner";
userName = "ingolf.wagner@gmx.de"; userName = "ingolf.wagner@gmx.de";
passwordCommand = "cat ${toString config.krops.userKeys."gmx.ingolf_wagner".target}"; passwordCommand =
"cat ${toString config.krops.userKeys."gmx.ingolf_wagner".target}";
imap = { imap = {
host = "imap.gmx.net"; host = "imap.gmx.net";
@ -136,7 +137,8 @@
aliases = [ ]; aliases = [ ];
realName = "Ingolf Wagner"; realName = "Ingolf Wagner";
userName = "pali_palo@web.de"; userName = "pali_palo@web.de";
passwordCommand = "cat ${toString config.krops.userKeys."web.pali_palo".target}"; passwordCommand =
"cat ${toString config.krops.userKeys."web.pali_palo".target}";
imap = { imap = {
host = "imap.web.de"; host = "imap.web.de";
port = 993; port = 993;
@ -153,43 +155,43 @@
aliases = [ ]; aliases = [ ];
realName = "Ingolf Wagner"; realName = "Ingolf Wagner";
userName = "palo"; userName = "palo";
passwordCommand = "cat ${toString config.krops.userKeys."c-base.palo".target}"; passwordCommand =
"cat ${toString config.krops.userKeys."c-base.palo".target}";
imap = { imap = {
host = "c-mail.c-base.org"; host = "c-mail.c-base.org";
port = 993; port = 993;
# fetched using : nix-shell -p openssl --run "openssl s_client -connect c-mail.c-base.org:993 -showcerts" # fetched using : nix-shell -p openssl --run "openssl s_client -connect c-mail.c-base.org:993 -showcerts"
tls.certificatesFile = tls.certificatesFile = pkgs.writeText "c-base.pem" ''
pkgs.writeText "c-base.pem" '' -----BEGIN CERTIFICATE-----
-----BEGIN CERTIFICATE----- MIIFKDCCAxCgAwIBAgIDAtwrMA0GCSqGSIb3DQEBDQUAMFQxFDASBgNVBAoTC0NB
MIIFKDCCAxCgAwIBAgIDAtwrMA0GCSqGSIb3DQEBDQUAMFQxFDASBgNVBAoTC0NB Y2VydCBJbmMuMR4wHAYDVQQLExVodHRwOi8vd3d3LkNBY2VydC5vcmcxHDAaBgNV
Y2VydCBJbmMuMR4wHAYDVQQLExVodHRwOi8vd3d3LkNBY2VydC5vcmcxHDAaBgNV BAMTE0NBY2VydCBDbGFzcyAzIFJvb3QwHhcNMTkxMTA5MDgzMjUyWhcNMjExMTA4
BAMTE0NBY2VydCBDbGFzcyAzIFJvb3QwHhcNMTkxMTA5MDgzMjUyWhcNMjExMTA4 MDgzMjUyWjBhMQswCQYDVQQGEwJERTEPMA0GA1UECBMGQmVybGluMQ8wDQYDVQQH
MDgzMjUyWjBhMQswCQYDVQQGEwJERTEPMA0GA1UECBMGQmVybGluMQ8wDQYDVQQH EwZCZXJsaW4xFDASBgNVBAoTC2MtYmFzZSBlLlYuMRowGAYDVQQDExFjLW1haWwu
EwZCZXJsaW4xFDASBgNVBAoTC2MtYmFzZSBlLlYuMRowGAYDVQQDExFjLW1haWwu Yy1iYXNlLm9yZzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKR3XBxJ
Yy1iYXNlLm9yZzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKR3XBxJ 72MayCS0D5GCoHcY0TQLs1DQSohCCobRdSowFJzNQw/2lL6bb+Q2rmevZQXuM4vP
72MayCS0D5GCoHcY0TQLs1DQSohCCobRdSowFJzNQw/2lL6bb+Q2rmevZQXuM4vP YbFytvTDmY5y5MNXEqGLfi8D5TcaP/RdXWQU++yUunE6yMdqZNheeXPjM//PnoXG
YbFytvTDmY5y5MNXEqGLfi8D5TcaP/RdXWQU++yUunE6yMdqZNheeXPjM//PnoXG DyT236BovEi3YipUUsLXFiRj+cAjrQE7a2YUs3fjV3P6grMH0V06J6P6+JJvRgp2
DyT236BovEi3YipUUsLXFiRj+cAjrQE7a2YUs3fjV3P6grMH0V06J6P6+JJvRgp2 K33uhKhnKyb3s1tbdbu1KeGozx2ws9lg79XV+Py6PXxP6jTZ2PCsaxs3BThSdmsl
K33uhKhnKyb3s1tbdbu1KeGozx2ws9lg79XV+Py6PXxP6jTZ2PCsaxs3BThSdmsl vQyk/zoW7tA1m2ntRCoyFHZqfOHsN3UOS/HDRlXqgSf0ah8cPYPsl0ayXhgOv0Tu
vQyk/zoW7tA1m2ntRCoyFHZqfOHsN3UOS/HDRlXqgSf0ah8cPYPsl0ayXhgOv0Tu 1PSMt4Ve2GajX8MCAwEAAaOB9TCB8jAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB/wQE
1PSMt4Ve2GajX8MCAwEAAaOB9TCB8jAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB/wQE AwIDqDA0BgNVHSUELTArBggrBgEFBQcDAgYIKwYBBQUHAwEGCWCGSAGG+EIEAQYK
AwIDqDA0BgNVHSUELTArBggrBgEFBQcDAgYIKwYBBQUHAwEGCWCGSAGG+EIEAQYK KwYBBAGCNwoDAzAzBggrBgEFBQcBAQQnMCUwIwYIKwYBBQUHMAGGF2h0dHA6Ly9v
KwYBBAGCNwoDAzAzBggrBgEFBQcBAQQnMCUwIwYIKwYBBQUHMAGGF2h0dHA6Ly9v Y3NwLmNhY2VydC5vcmcvMDgGA1UdHwQxMC8wLaAroCmGJ2h0dHA6Ly9jcmwuY2Fj
Y3NwLmNhY2VydC5vcmcvMDgGA1UdHwQxMC8wLaAroCmGJ2h0dHA6Ly9jcmwuY2Fj ZXJ0Lm9yZy9jbGFzczMtcmV2b2tlLmNybDAtBgNVHREEJjAkghFjLW1haWwuYy1i
ZXJ0Lm9yZy9jbGFzczMtcmV2b2tlLmNybDAtBgNVHREEJjAkghFjLW1haWwuYy1i YXNlLm9yZ4IPbWFpbC5jLWJhc2Uub3JnMA0GCSqGSIb3DQEBDQUAA4ICAQBjTIa1
YXNlLm9yZ4IPbWFpbC5jLWJhc2Uub3JnMA0GCSqGSIb3DQEBDQUAA4ICAQBjTIa1 xdhUYXJidv1U0qaqSV1DzumakFY20OM4QCV0Qvlq+SQUqroGBTIGodxhTnjG5o01
xdhUYXJidv1U0qaqSV1DzumakFY20OM4QCV0Qvlq+SQUqroGBTIGodxhTnjG5o01 4xBAnsTcMRNycXHu0j6XYqDS4QhaFcGdFmXP0EQfAFbvhwZdbvgiRHuUTSGEbcLp
4xBAnsTcMRNycXHu0j6XYqDS4QhaFcGdFmXP0EQfAFbvhwZdbvgiRHuUTSGEbcLp Vk8sP8dpzx+zMAZ6PL7XMwPFPTHm7vw40qmTyCuUcnhIwHgwGxu4yu0tdsU+VwRD
Vk8sP8dpzx+zMAZ6PL7XMwPFPTHm7vw40qmTyCuUcnhIwHgwGxu4yu0tdsU+VwRD RVsdZO4V2GhFTz8oRcHvmC2wmx+Zwx0RXWPXSN5yRDDZWwY4WbECa2MvojH1HlJG
RVsdZO4V2GhFTz8oRcHvmC2wmx+Zwx0RXWPXSN5yRDDZWwY4WbECa2MvojH1HlJG YJkokq7nbYJix/RipSkAXgurcgppVmM5cf7uYgSrltW8pm3IMMPrlaFrlzMMMtdq
YJkokq7nbYJix/RipSkAXgurcgppVmM5cf7uYgSrltW8pm3IMMPrlaFrlzMMMtdq SYFk+FDp296B7CDyWpQhDcVjnGQ70JfMWT5S3Lsi8DnI2pul9ljxPOt+Q8XFh1oz
SYFk+FDp296B7CDyWpQhDcVjnGQ70JfMWT5S3Lsi8DnI2pul9ljxPOt+Q8XFh1oz Ofr7y5Qjm72YToOX1j7N8ppCh0RJH4lOsouTPVdp859ch9FxZdceq+nC744wv+Nt
Ofr7y5Qjm72YToOX1j7N8ppCh0RJH4lOsouTPVdp859ch9FxZdceq+nC744wv+Nt TQPw15Gk3RY5mVYBE/Cw2T7j7qDmBaEUKxkfW7q8t287FXM4XX6C+cKYr6jYx6s1
TQPw15Gk3RY5mVYBE/Cw2T7j7qDmBaEUKxkfW7q8t287FXM4XX6C+cKYr6jYx6s1 5/2p4gCuOALYqJ7kD2xjci0VTWu77H4J2QKEZF8AgdI36dIYr7GY0e/+xb/CScwr
5/2p4gCuOALYqJ7kD2xjci0VTWu77H4J2QKEZF8AgdI36dIYr7GY0e/+xb/CScwr uvu2R9jfPOMVu6CiavPGUtcvju4A+qMUDqIyH9dNwkMQRffAtmsF6KR4nMYxhr45
uvu2R9jfPOMVu6CiavPGUtcvju4A+qMUDqIyH9dNwkMQRffAtmsF6KR4nMYxhr45 nKY1BaufWLD1UWrjaR1IF6L5qDHOXeMJEChYkg==
nKY1BaufWLD1UWrjaR1IF6L5qDHOXeMJEChYkg== -----END CERTIFICATE-----'';
-----END CERTIFICATE-----'';
}; };
mbsync = { mbsync = {
enable = true; enable = true;
@ -204,7 +206,8 @@
aliases = [ ]; aliases = [ ];
realName = "Ingolf Wagner"; realName = "Ingolf Wagner";
userName = "palipalo9@googlemail.com"; userName = "palipalo9@googlemail.com";
passwordCommand = "cat ${toString config.krops.userKeys."gmail.palipalo9".target}"; passwordCommand =
"cat ${toString config.krops.userKeys."gmail.palipalo9".target}";
imap = { imap = {
host = "imap.gmail.com"; host = "imap.gmail.com";
port = 993; port = 993;
@ -221,7 +224,8 @@
aliases = [ ]; aliases = [ ];
realName = "Ingolf Wagner"; realName = "Ingolf Wagner";
userName = "contact@ingolf-wagner.de"; userName = "contact@ingolf-wagner.de";
passwordCommand = "cat ${toString config.krops.userKeys."siteground.contact".target}"; passwordCommand =
"cat ${toString config.krops.userKeys."siteground.contact".target}";
imap = { imap = {
host = "securees5.sgcpanel.com"; host = "securees5.sgcpanel.com";
port = 143; port = 143;
@ -261,15 +265,13 @@
}; };
}; };
# configure mbsync # configure mbsync
home-manager.users.mailUser.programs.mbsync.enable = true; home-manager.users.mailUser.programs.mbsync.enable = true;
systemd.services.fetchmail = { systemd.services.fetchmail = {
enable = true; enable = true;
serviceConfig = { serviceConfig = { User = config.users.users.mailUser.name; };
User = config.users.users.mailUser.name; environment.NOTMUCH_CONFIG =
}; "${config.users.users.mailUser.home}/.config/notmuch/notmuchrc";
environment.NOTMUCH_CONFIG = "${config.users.users.mailUser.home}/.config/notmuch/notmuchrc";
script = '' script = ''
echo "run mbsync" echo "run mbsync"
${pkgs.isync}/bin/mbsync \ ${pkgs.isync}/bin/mbsync \
@ -284,13 +286,13 @@
${pkgs.notmuch}/bin/notmuch new ${pkgs.notmuch}/bin/notmuch new
echo "run afew" echo "run afew"
${pkgs.afew}/bin/afew --new --tag -v ${pkgs.afew}/bin/afew --new --tag -v
''; '';
}; };
systemd.timers.fetchmail = { systemd.timers.fetchmail = {
enable = true; enable = true;
# timerConfig.OnCalendar = " *-*-* *:00:00"; # timerConfig.OnCalendar = " *-*-* *:00:00";
timerConfig.OnCalendar = "*:0/10"; timerConfig.OnCalendar = "*:0/10";
wantedBy = ["multi-user.target"]; wantedBy = [ "multi-user.target" ];
}; };
# configure notmuch # configure notmuch
@ -305,123 +307,361 @@
# a few config # a few config
home-manager.users.mailUser.programs.afew = { home-manager.users.mailUser.programs.afew = {
enable = true; enable = true;
extraConfig = with lib; let extraConfig = with lib;
let
template = index: { tags, query, message ? "generic", ... }: '' template = index:
[Filter.${toString index}] { tags, query, message ? "generic", ... }: ''
query = ${query} [Filter.${toString index}]
tags = ${concatStringsSep ";" tags} query = ${query}
message = ${message} tags = ${concatStringsSep ";" tags}
''; message = ${message}
'';
filters = [ filters = [
{query = "from:linkedin.com"; tags = [ "+linked" "+jobs" ];}
{query = "from:computerfutures.com OR from:computerfutures.de"; tags = [ "+jobs" "-inbox" ];}
{query = "from:seek.com.au"; tags = [ "+jobs" ];}
{query = "from:xing.com"; tags = [ "+jobs" "-inbox" ];}
{query = "from:no-reply@backtrace.io"; tags = ["+sononym" "-inbox" "-unread"];}
{query = "from:ebay.com OR from:ebay.de OR from:ebay.net"; tags = [ "+ebay" "+shop" "+billing"];}
{query = "from:bahn.de"; tags = [ "+billing" "+bahn" ];}
{query = "from:fysitech.atlassian.net OR to:engiadina-pwa@noreply.github.com"; tags = [ "+mia" "+work" "-unread" "-inbox"];}
{query = "from:circleci.com OR (from:noreply@github.com AND to:audio-overlay@googlegroups.com)"; tags = [ "-inbox" "-unread" "+junk" ];}
{query = "from:getdigital.de"; tags = [ "-inbox" "-unread" "+junk" ];}
{query = "from:digitalo.de"; tags = [ "-inbox" "-unread" "+junk" ];}
{query = "from:puppet.com"; tags = [ "-inbox" "-unread" "+junk" ];}
{query = "from:mixcloudmail.com AND subject:Weekly Update"; tags = [ "-inbox" "-unread" "+junk" ];}
{query = "from:facebook.com OR from:facebookmail.com"; tags = [ "-inbox" "-unread" "+junk" ];}
{query = "from:getpocket.com"; tags = [ "-inbox" "-unread" "+junk" ];}
{query = "from:oknotify2.com"; tags = [ "+okcupid" ];}
{query = "from:oknotify2.com AND NOT subject:New message"; tags = [ "-inbox" "-unread" "+junk" ];}
{query = "from:paulaschoice.com"; tags = [ "-inbox" "-unread" "+junk" ];}
{query = "from:samplemagic.com OR from:wavealchemy.co.uk OR from:creators.gumroad.com"; tags = [ "-inbox" "-unread" "+junk" ];}
{query = "from:immobilienscout24.de"; tags = [ "-inbox" "-unread" "+junk" ];}
{query = "from:magix.net"; tags = [ "-inbox" "-unread" "+junk" ];}
{query = "from:booking.com"; tags = [ "-inbox" "-unread" "+junk" ];}
{query = "from:hackster.io"; tags = [ "-inbox" "-unread" "+junk" ];}
{query = "from:trade4less.de"; tags = [ "-inbox" "-unread" "+junk" ];}
{query = "from:taxback.de OR to:taxback.de"; tags = ["+steuer"] ;}
{query = "from:campact.de"; tags = ["+campact" "+politics"] ;}
{query = "from:menospese.com"; tags = ["+junk" "-unread" "-inbox"] ;}
{query = "from:aliexpress.com"; tags = ["+shop" "+aliexpress"] ;}
{query = "from:congstar.de"; tags = ["+billing" "+congstar" "-inbox" "-unread"] ;}
{query = "from:congstarnews.de"; tags = ["+congstar" "-inbox" "-unread" "+junk"] ;}
{query = "from:fitnessfirst.de"; tags = ["-inbox" "-unread" "+junk"] ;}
{query = "from:steampowered.com AND NOT ( subject:purchase OR subject:received )"; tags = ["-inbox" "-unread" ] ;}
{query = "from:steampowered.com AND ( subject:purchase OR subject:received )"; tags = ["+billing" "+steam" ] ;}
{query = "from:gog.com AND NOT subject:Bestellung"; tags = ["-inbox" "-unread" ] ;}
{query = "from:gog.com AND subject:Bestellung"; tags = ["+billing" "+gog" ] ;}
{query = "from:drive-now.com"; tags = ["+billing" "+drivenow" "-inbox" "-unread"] ;}
{query = "from:mindfactory.de"; tags = ["+shop" "+billing"] ;}
{query = "from:zalando.de"; tags = ["+shop" "+billing" "+zalando"] ;}
{query = "from:ing.de"; tags = ["+bank" "+ingdiba"] ;}
{query = "from:nab.com.au"; tags = ["+bank" "+nab" "-inbox" "-unread"] ;}
{query = "from:dkb.de"; tags = ["+bank" "+dkb"] ;}
{query = "from:o2online.de"; tags = ["+billing" "+o2"] ;}
{query = "from:betfair.com"; tags = ["+work" "+betfair"] ;}
{query = "from:ghostinspector.com"; tags = ["-unread" "-inbox" "+junk"] ;}
{query = "from:travis-ci.org AND subject:csv-to-qif"; tags = ["+development" "+csv-to-qif"] ;}
{query = "to:proaudio@lists.tuxfamily.org"; tags = ["-inbox" "-unread"] ;}
{query = "tag:lists AND from:nixos1@discoursemail.com"; tags = ["+nixos" "+discourse"] ;}
{query = "from:limebike.com AND (subject:Funds OR subject:Receipt)" ; tags = ["-inbox" "-unread" "+billing" "+limebike"] ;}
{query = "from:hetzner.com OR from:hetzner.de" ; tags = ["+hetzner"] ;}
{query = "from:freemusicarchive.org" ; tags = ["+FMA"] ;}
{query = "from:namecheap.com" ; tags = ["+namecheap" "+billing"] ;}
{query = "from:nintendo.com" ; tags = ["+nintendo" "+billing"] ;}
{query = "from:oculus.com AND subject:receipt" ; tags = ["+oculus" "+billing"] ;}
{query = "from:vstbuzz.com" ; tags = ["+junk" "-inbox" ] ;}
{query = "from:runtastic.com" ; tags = ["+junk" "-inbox" ] ;}
{query = "from:letterboxd.com" ; tags = ["+junk" "-inbox" ] ;}
{query = "from::microsoftstoreemail.com" ; tags = ["+junk" "-inbox" ] ;}
{query = "from:car2go.com" ; tags = ["-inbox" "-unread" ] ;}
{query = "from:sixt.de" ; tags = ["-inbox" "-unread" ] ;}
{query = "from:meetup.com" ; tags = ["-inbox" "-unread" "+meetup"] ;}
{query = "from:slack.com" ; tags = ["+slack"] ;}
{query = "from:keybase.io" ; tags = ["+keybase"] ;}
{query = "from:tumblr.com" ; tags = ["+junk" "-inbox" "-unread"];}
{query = "from:jobs2web.com" ; tags = ["+newzealand" "+jobs" "-inbox" ];}
{query = "from:mailings.gmx.net" ; tags = ["+junk" "-inbox" "-unread"];}
{query = "from:paypal.de AND subject:Bestätigung"; tags = ["-unread" "+paypal" "+billing"] ;}
{query = "to:c-base.org" ; tags = ["+cbase"] ;}
{query = "to:c-base.org AND subject=[auto-report]"; tags = ["-unread" "-inbox"] ;}
{query = "to:renoise@ingolf-wagner.de OR to:root@renoise.com OR from:renoise.com OR to:admin@renoise.com"; tags = ["+renoise"] ;}
{query = "from:amazon.de OR from:amazon.com AND NOT to:renoise.com"; tags = ["+shop" "+amazon" "+billing"];}
{ {
query = "to:renoise.com AND NOT ( from:renoise.com OR from:root OR from:hetzner.com OR from:hetzner.de OR from:amazon.com OR from:gmail.com )"; query = "from:linkedin.com";
tags = [ "+linked" "+jobs" ];
}
{
query = "from:computerfutures.com OR from:computerfutures.de";
tags = [ "+jobs" "-inbox" ];
}
{
query = "from:seek.com.au";
tags = [ "+jobs" ];
}
{
query = "from:xing.com";
tags = [ "+jobs" "-inbox" ];
}
{
query = "from:no-reply@backtrace.io";
tags = [ "+sononym" "-inbox" "-unread" ];
}
{
query = "from:ebay.com OR from:ebay.de OR from:ebay.net";
tags = [ "+ebay" "+shop" "+billing" ];
}
{
query = "from:bahn.de";
tags = [ "+billing" "+bahn" ];
}
{
query =
"from:fysitech.atlassian.net OR to:engiadina-pwa@noreply.github.com";
tags = [ "+mia" "+work" "-unread" "-inbox" ];
}
{
query =
"from:circleci.com OR (from:noreply@github.com AND to:audio-overlay@googlegroups.com)";
tags = [ "-inbox" "-unread" "+junk" ];
}
{
query = "from:getdigital.de";
tags = [ "-inbox" "-unread" "+junk" ];
}
{
query = "from:digitalo.de";
tags = [ "-inbox" "-unread" "+junk" ];
}
{
query = "from:puppet.com";
tags = [ "-inbox" "-unread" "+junk" ];
}
{
query = "from:mixcloudmail.com AND subject:Weekly Update";
tags = [ "-inbox" "-unread" "+junk" ];
}
{
query = "from:facebook.com OR from:facebookmail.com";
tags = [ "-inbox" "-unread" "+junk" ];
}
{
query = "from:getpocket.com";
tags = [ "-inbox" "-unread" "+junk" ];
}
{
query = "from:oknotify2.com";
tags = [ "+okcupid" ];
}
{
query = "from:oknotify2.com AND NOT subject:New message";
tags = [ "-inbox" "-unread" "+junk" ];
}
{
query = "from:paulaschoice.com";
tags = [ "-inbox" "-unread" "+junk" ];
}
{
query =
"from:samplemagic.com OR from:wavealchemy.co.uk OR from:creators.gumroad.com";
tags = [ "-inbox" "-unread" "+junk" ];
}
{
query = "from:immobilienscout24.de";
tags = [ "-inbox" "-unread" "+junk" ];
}
{
query = "from:magix.net";
tags = [ "-inbox" "-unread" "+junk" ];
}
{
query = "from:booking.com";
tags = [ "-inbox" "-unread" "+junk" ];
}
{
query = "from:hackster.io";
tags = [ "-inbox" "-unread" "+junk" ];
}
{
query = "from:trade4less.de";
tags = [ "-inbox" "-unread" "+junk" ];
}
{
query = "from:taxback.de OR to:taxback.de";
tags = [ "+steuer" ];
}
{
query = "from:campact.de";
tags = [ "+campact" "+politics" ];
}
{
query = "from:menospese.com";
tags = [ "+junk" "-unread" "-inbox" ];
}
{
query = "from:aliexpress.com";
tags = [ "+shop" "+aliexpress" ];
}
{
query = "from:congstar.de";
tags = [ "+billing" "+congstar" "-inbox" "-unread" ];
}
{
query = "from:congstarnews.de";
tags = [ "+congstar" "-inbox" "-unread" "+junk" ];
}
{
query = "from:fitnessfirst.de";
tags = [ "-inbox" "-unread" "+junk" ];
}
{
query =
"from:steampowered.com AND NOT ( subject:purchase OR subject:received )";
tags = [ "-inbox" "-unread" ];
}
{
query =
"from:steampowered.com AND ( subject:purchase OR subject:received )";
tags = [ "+billing" "+steam" ];
}
{
query = "from:gog.com AND NOT subject:Bestellung";
tags = [ "-inbox" "-unread" ];
}
{
query = "from:gog.com AND subject:Bestellung";
tags = [ "+billing" "+gog" ];
}
{
query = "from:drive-now.com";
tags = [ "+billing" "+drivenow" "-inbox" "-unread" ];
}
{
query = "from:mindfactory.de";
tags = [ "+shop" "+billing" ];
}
{
query = "from:zalando.de";
tags = [ "+shop" "+billing" "+zalando" ];
}
{
query = "from:ing.de";
tags = [ "+bank" "+ingdiba" ];
}
{
query = "from:nab.com.au";
tags = [ "+bank" "+nab" "-inbox" "-unread" ];
}
{
query = "from:dkb.de";
tags = [ "+bank" "+dkb" ];
}
{
query = "from:o2online.de";
tags = [ "+billing" "+o2" ];
}
{
query = "from:betfair.com";
tags = [ "+work" "+betfair" ];
}
{
query = "from:ghostinspector.com";
tags = [ "-unread" "-inbox" "+junk" ];
}
{
query = "from:travis-ci.org AND subject:csv-to-qif";
tags = [ "+development" "+csv-to-qif" ];
}
{
query = "to:proaudio@lists.tuxfamily.org";
tags = [ "-inbox" "-unread" ];
}
{
query = "tag:lists AND from:nixos1@discoursemail.com";
tags = [ "+nixos" "+discourse" ];
}
{
query = "from:limebike.com AND (subject:Funds OR subject:Receipt)";
tags = [ "-inbox" "-unread" "+billing" "+limebike" ];
}
{
query = "from:hetzner.com OR from:hetzner.de";
tags = [ "+hetzner" ];
}
{
query = "from:freemusicarchive.org";
tags = [ "+FMA" ];
}
{
query = "from:namecheap.com";
tags = [ "+namecheap" "+billing" ];
}
{
query = "from:nintendo.com";
tags = [ "+nintendo" "+billing" ];
}
{
query = "from:oculus.com AND subject:receipt";
tags = [ "+oculus" "+billing" ];
}
{
query = "from:vstbuzz.com";
tags = [ "+junk" "-inbox" ];
}
{
query = "from:runtastic.com";
tags = [ "+junk" "-inbox" ];
}
{
query = "from:letterboxd.com";
tags = [ "+junk" "-inbox" ];
}
{
query = "from::microsoftstoreemail.com";
tags = [ "+junk" "-inbox" ];
}
{
query = "from:car2go.com";
tags = [ "-inbox" "-unread" ];
}
{
query = "from:sixt.de";
tags = [ "-inbox" "-unread" ];
}
{
query = "from:meetup.com";
tags = [ "-inbox" "-unread" "+meetup" ];
}
{
query = "from:slack.com";
tags = [ "+slack" ];
}
{
query = "from:keybase.io";
tags = [ "+keybase" ];
}
{
query = "from:tumblr.com";
tags = [ "+junk" "-inbox" "-unread" ];
}
{
query = "from:jobs2web.com";
tags = [ "+newzealand" "+jobs" "-inbox" ];
}
{
query = "from:mailings.gmx.net";
tags = [ "+junk" "-inbox" "-unread" ];
}
{
query = "from:paypal.de AND subject:Bestätigung";
tags = [ "-unread" "+paypal" "+billing" ];
}
{
query = "to:c-base.org";
tags = [ "+cbase" ];
}
{
query = "to:c-base.org AND subject=[auto-report]";
tags = [ "-unread" "-inbox" ];
}
{
query =
"to:renoise@ingolf-wagner.de OR to:root@renoise.com OR from:renoise.com OR to:admin@renoise.com";
tags = [ "+renoise" ];
}
{
query = "from:amazon.de OR from:amazon.com AND NOT to:renoise.com";
tags = [ "+shop" "+amazon" "+billing" ];
}
{
query =
"to:renoise.com AND NOT ( from:renoise.com OR from:root OR from:hetzner.com OR from:hetzner.de OR from:amazon.com OR from:gmail.com )";
tags = [ "-inbox" "-unread" "+junk" "+renoise" ]; tags = [ "-inbox" "-unread" "+junk" "+renoise" ];
} }
# final rules to make imap sync stuff easier # final rules to make imap sync stuff easier
# there can only be one output folder tag, and theses rules are prioritized # there can only be one output folder tag, and theses rules are prioritized
{ query = "tag:fraud" ; tags = ["-inbox" "-archive" "-junk" "-unread" ]; message = "clean up tag fraud";} {
{ query = "tag:junk" ; tags = ["-inbox" "-archive" "-fraud" "-unread" ]; message = "clean up tag junk";} query = "tag:fraud";
{ query = "tag:archive" ; tags = ["-inbox" "-junk" "-fraud" "-unread" ]; message = "clean up tag archive";} tags = [ "-inbox" "-archive" "-junk" "-unread" ];
{ query = "tag:inbox" ; tags = ["-archive" "-junk" "-fraud"]; message = "clean up inbox";} message = "clean up tag fraud";
{ query = "tag:killed"; tags = ["-inbox" "-unread"]; message = "clean up tag killed" ;} }
{
query = "tag:junk";
tags = [ "-inbox" "-archive" "-fraud" "-unread" ];
message = "clean up tag junk";
}
{
query = "tag:archive";
tags = [ "-inbox" "-junk" "-fraud" "-unread" ];
message = "clean up tag archive";
}
{
query = "tag:inbox";
tags = [ "-archive" "-junk" "-fraud" ];
message = "clean up inbox";
}
{
query = "tag:killed";
tags = [ "-inbox" "-unread" ];
message = "clean up tag killed";
}
# remove new tag at the end # remove new tag at the end
{ query = "tag:new"; tags = ["-new"]; message = "remove new tag at the end" ;} {
query = "tag:new";
tags = [ "-new" ];
message = "remove new tag at the end";
}
]; ];
in in ''
'' # Tag mails which are mailing lists
# Tag mails which are mailing lists [ListMailsFilter]
[ListMailsFilter]
# Tag mails as killed if the thread has been marked as "killed" # Tag mails as killed if the thread has been marked as "killed"
[KillThreadsFilter] [KillThreadsFilter]
${concatStringsSep "\n" (imap0 template filters)} ${concatStringsSep "\n" (imap0 template filters)}
''; '';
}; };
} }

8
configs/workhorse/packages.nix
View file

@ -1,7 +1,3 @@
{ config, pkgs, ... }: { config, pkgs, ... }:
let let unstable = import <nixpkgs-unstable> { };
unstable = import <nixpkgs-unstable> {}; in { environment.systemPackages = with pkgs; [ ]; }
in {
environment.systemPackages = with pkgs ; [
];
}

53
configs/workhorse/prometheus.nix
View file

@ -1,14 +1,11 @@
{ config, pkgs, lib, ... }: { config, pkgs, lib, ... }: {
{
services.nginx = { services.nginx = {
enable = true; enable = true;
statusPage = true; statusPage = true;
virtualHosts = { virtualHosts = {
"prometheus.workhorse.private" = { "prometheus.workhorse.private" = {
locations."/" = { locations."/" = { proxyPass = "http://workhorse.private:9090"; };
proxyPass = "http://workhorse.private:9090";
};
}; };
}; };
}; };
@ -21,21 +18,21 @@
scrape_interval = "8s"; scrape_interval = "8s";
static_configs = [ static_configs = [
{ {
targets = ["sputnik.private:9113"]; targets = [ "sputnik.private:9113" ];
labels = { labels = {
service = "nginx"; service = "nginx";
server = "sputnik"; server = "sputnik";
}; };
} }
{ {
targets = ["sputnik.private:9113"]; targets = [ "sputnik.private:9113" ];
labels = { labels = {
service = "nginx"; service = "nginx";
server = "sputnik"; server = "sputnik";
}; };
} }
{ {
targets = ["workhorse.private:9113"]; targets = [ "workhorse.private:9113" ];
labels = { labels = {
service = "nginx"; service = "nginx";
server = "sputnik"; server = "sputnik";
@ -50,21 +47,21 @@
scrape_interval = "5s"; scrape_interval = "5s";
static_configs = [ static_configs = [
{ {
targets = ["porani.private:19999"]; targets = [ "porani.private:19999" ];
labels = { labels = {
service = "netdata"; service = "netdata";
server = "porani"; server = "porani";
}; };
} }
{ {
targets = ["sputnik.private:19999"]; targets = [ "sputnik.private:19999" ];
labels = { labels = {
service = "netdata"; service = "netdata";
server = "sputnik"; server = "sputnik";
}; };
} }
{ {
targets = ["workhorse.private:19999"]; targets = [ "workhorse.private:19999" ];
labels = { labels = {
service = "netdata"; service = "netdata";
server = "workhorse"; server = "workhorse";
@ -77,30 +74,26 @@
metrics_path = "/-/metrics"; metrics_path = "/-/metrics";
params.format = [ "prometheus" ]; params.format = [ "prometheus" ];
scrape_interval = "10s"; scrape_interval = "10s";
static_configs = [ static_configs = [{
{ targets = [ "workhorse.private:3000" ];
targets = ["workhorse.private:3000"]; labels = {
labels = { service = "gogs";
service = "gogs"; server = "kruck";
server = "kruck"; };
}; }];
}
];
} }
{ {
job_name = "home-assistant"; job_name = "home-assistant";
scrape_interval = "60s"; scrape_interval = "60s";
metrics_path = "/api/prometheus"; metrics_path = "/api/prometheus";
static_configs = [ static_configs = [{
{ targets = [ "porani.private:8123" ];
targets = ["porani.private:8123"]; labels = {
labels = { service = "hass";
service = "hass"; server = "porani";
server = "porani"; city = "essen";
city = "essen"; };
}; }];
}
];
} }
]; ];
}; };

3
configs/workhorse/restic.nix
View file

@ -1,5 +1,4 @@
{ config, ... }: { config, ... }: {
{
backup.services.restic = { backup.services.restic = {
"on-porani".enable = false; "on-porani".enable = false;

9
configs/workhorse/seafile.nix
View file

@ -1,14 +1,15 @@
{ config, lib, pkgs, ... }: { config, lib, pkgs, ... }: {
{
services.nginx = { services.nginx = {
enable = true; enable = true;
statusPage = true; statusPage = true;
virtualHosts = { virtualHosts = {
"seafile.${config.networking.hostName}.private" = { "seafile.${config.networking.hostName}.private" = {
serverAliases = []; serverAliases = [ ];
locations."/" = { locations."/" = {
proxyPass = "http://${config.networking.hostName}.private:${toString config.custom.services.seafile.port}"; proxyPass = "http://${config.networking.hostName}.private:${
toString config.custom.services.seafile.port
}";
}; };
}; };
}; };

152
configs/workhorse/syncthing.nix
View file

@ -1,98 +1,98 @@
{ config, pkgs, lib, ... }: { config, pkgs, lib, ... }: {
{
custom.samba-share = { custom.samba-share = {
enable = true; enable = true;
folders = { folders = {
movies = config.test.services.syncthing.declarative.folders.movies.path; movies = config.test.services.syncthing.declarative.folders.movies.path;
series = config.test.services.syncthing.declarative.folders.series.path; series = config.test.services.syncthing.declarative.folders.series.path;
music = config.test.services.syncthing.declarative.folders.music-library.path; music =
config.test.services.syncthing.declarative.folders.music-library.path;
}; };
}; };
test.services.syncthing = { test.services.syncthing = {
enable = true; enable = true;
openDefaultPorts = false; openDefaultPorts = false;
dataDir = "/home/syncthing"; dataDir = "/home/syncthing";
configDir = "/home/syncthing"; configDir = "/home/syncthing";
declarative = { declarative = {
cert = toString <secrets/syncthing/cert.pem>; cert = toString <secrets/syncthing/cert.pem>;
key = toString <secrets/syncthing/key.pem>; key = toString <secrets/syncthing/key.pem>;
overrideFolders = true; overrideFolders = true;
folders = { folders = {
# todo add podcast here # todo add podcast here
# on encrypted hard drive # on encrypted hard drive
# ----------------------- # -----------------------
private = { private = {
enable = true; enable = true;
path = "/home/syncthing/private"; path = "/home/syncthing/private";
versioning = { versioning = {
type = "simple"; type = "simple";
params.keep = "10"; params.keep = "10";
}; };
}; };
desktop = { desktop = {
enable = true; enable = true;
path = "/home/syncthing/desktop"; path = "/home/syncthing/desktop";
}; };
finance = { finance = {
enable = true; enable = true;
path = "/home/syncthing/finance"; path = "/home/syncthing/finance";
versioning = { versioning = {
type = "simple"; type = "simple";
params.keep = "10"; params.keep = "10";
}; };
}; };
fotos = { fotos = {
enable = true; enable = true;
path = "/home/syncthing/fotos"; path = "/home/syncthing/fotos";
}; };
lost-fotos = { lost-fotos = {
enable = true; enable = true;
path = "/home/syncthing/lost-fotos.ct"; path = "/home/syncthing/lost-fotos.ct";
}; };
music-projects = { music-projects = {
enable = true; enable = true;
path = "/home/syncthing/music-projects"; path = "/home/syncthing/music-projects";
}; };
video-material = { video-material = {
enable = true; enable = true;
path = "/home/syncthing/video-material"; path = "/home/syncthing/video-material";
}; };
# on media hard drive (not encrypted) # on media hard drive (not encrypted)
# ----------------------------------- # -----------------------------------
music-library-free = { music-library-free = {
enable = true; enable = true;
path = "/media/syncthing/music-library-free"; path = "/media/syncthing/music-library-free";
}; };
samples = { samples = {
enable = true; enable = true;
path = "/media/syncthing/samples"; path = "/media/syncthing/samples";
}; };
movies = { movies = {
enable = true; enable = true;
path = "/media/syncthing/movies"; path = "/media/syncthing/movies";
}; };
music-library = { music-library = {
enable = true; enable = true;
path = "/media/syncthing/music-library"; path = "/media/syncthing/music-library";
}; };
podcasts = { podcasts = {
enable = true; enable = true;
path = "/media/syncthing/podcasts"; path = "/media/syncthing/podcasts";
}; };
series = { series = {
enable = true; enable = true;
path = "/media/syncthing/series"; path = "/media/syncthing/series";
}; };
}; };
}; };
}; };
systemd.services."permown._media_syncthing" = { systemd.services."permown._media_syncthing" = {
bindsTo = [ "media.mount" ]; bindsTo = [ "media.mount" ];
@ -108,6 +108,6 @@
after = [ "media.mount" ]; after = [ "media.mount" ];
}; };
backup.all.restic.dirs = ["/home/syncthing/finance"]; backup.all.restic.dirs = [ "/home/syncthing/finance" ];
} }

5
configs/workhorse/taskserver.nix
View file

@ -1,5 +1,4 @@
{ config, lib, pkgs, ... }: { config, lib, pkgs, ... }: {
{
services.taskserver = { services.taskserver = {
enable = true; enable = true;
@ -8,7 +7,7 @@
requestLimit = 104857600; requestLimit = 104857600;
trust = "allow all"; trust = "allow all";
dataDir = "/var/lib/taskserver"; dataDir = "/var/lib/taskserver";
organisations."orgie".users = ["palo"]; organisations."orgie".users = [ "palo" ];
}; };
} }

3
configs/workhorse/tinc.nix
View file

@ -1,5 +1,4 @@
{ config, lib, pkgs, ... }: { config, lib, pkgs, ... }: {
{
module.cluster.services.tinc = { module.cluster.services.tinc = {
"private" = { "private" = {

17
configs/workhorse/transmission.nix
View file

@ -4,12 +4,10 @@ with lib;
let let
allTincNetworks = allTincNetworks = builtins.attrNames config.module.cluster.services.tinc;
builtins.attrNames config.module.cluster.services.tinc;
ipAddresses = ipAddresses = flatten (mapAttrsToList
flatten (mapAttrsToList (_: data: (_: data: mapAttrsToList (_: hostConfig: hostConfig.tincIp) data.hosts)
mapAttrsToList (_: hostConfig: hostConfig.tincIp) data.hosts)
config.module.cluster.services.tinc); config.module.cluster.services.tinc);
in { in {
@ -19,9 +17,11 @@ in {
statusPage = true; statusPage = true;
virtualHosts = { virtualHosts = {
"transmission.${config.networking.hostName}.private" = { "transmission.${config.networking.hostName}.private" = {
serverAliases = ["torrent.${config.networking.hostName}.private"]; serverAliases = [ "torrent.${config.networking.hostName}.private" ];
locations."/" = { locations."/" = {
proxyPass = "http://${config.networking.hostName}.private:${toString config.services.transmission.port}"; proxyPass = "http://${config.networking.hostName}.private:${
toString config.services.transmission.port
}";
}; };
}; };
}; };
@ -36,7 +36,8 @@ in {
enable = true; enable = true;
home = "/home/torrent"; home = "/home/torrent";
store = "/home/torrent"; store = "/home/torrent";
hosts = concatStringsSep "," (map (name: "${config.networking.hostName}.${name}") allTincNetworks); hosts = concatStringsSep ","
(map (name: "${config.networking.hostName}.${name}") allTincNetworks);
whitelist = concatStringsSep "," ipAddresses; whitelist = concatStringsSep "," ipAddresses;
user = "palo"; user = "palo";
password = lib.fileContents <secrets/transmission/password>; password = lib.fileContents <secrets/transmission/password>;

13
configs/workhorse/weechat.nix
View file

@ -9,9 +9,7 @@
{ {
# configure weechat # configure weechat
services.weechat = { services.weechat = { enable = true; };
enable = true;
};
# configure bitlbee # configure bitlbee
services.bitlbee = { services.bitlbee = {
@ -28,17 +26,12 @@
pkgs.telegram-purple pkgs.telegram-purple
#pkgs.purple-lurch #pkgs.purple-lurch
]; ];
plugins = [ plugins = [ pkgs.bitlbee-facebook pkgs.bitlbee-steam ];
pkgs.bitlbee-facebook
pkgs.bitlbee-steam
];
}; };
# otherwise xterm is the only thing that works # otherwise xterm is the only thing that works
environment.systemPackages = [ pkgs.rxvt_unicode ]; environment.systemPackages = [ pkgs.rxvt_unicode ];
backup.all.restic.dirs = [ backup.all.restic.dirs = [ config.services.weechat.root ];
config.services.weechat.root
];
} }

17
configs/workout/configuration.nix
View file

@ -1,5 +1,4 @@
{ lib, config, pkgs, ... }: { lib, config, pkgs, ... }: {
{
imports = [ imports = [
<system/desktop> <system/desktop>
@ -13,13 +12,13 @@
]; ];
networking.hostName = "workout"; networking.hostName = "workout";
services.logind.lidSwitch = lib.mkForce "ignore"; services.logind.lidSwitch = lib.mkForce "ignore";
security.wrappers = { security.wrappers = {
pmount.source = "${pkgs.pmount}/bin/pmount"; pmount.source = "${pkgs.pmount}/bin/pmount";
pumount.source = "${pkgs.pmount}/bin/pumount"; pumount.source = "${pkgs.pmount}/bin/pumount";
}; };
# nix-shell -p speedtest_cli --run speedtest # nix-shell -p speedtest_cli --run speedtest
@ -36,8 +35,8 @@
# font # font
# ---- # ----
programs.custom.urxvt.fontSize = 17; programs.custom.urxvt.fontSize = 17;
programs.custom.xterm.fontSize = 17; programs.custom.xterm.fontSize = 17;
system.custom.fonts.dpi = 140; system.custom.fonts.dpi = 140;
services.printing.enable = true; services.printing.enable = true;
@ -45,8 +44,8 @@
virtualisation = { virtualisation = {
docker.enable = true; docker.enable = true;
virtualbox = { virtualbox = {
host.enable = true; host.enable = true;
guest.x11 = true; guest.x11 = true;
guest.enable = true; guest.enable = true;
}; };
}; };

52
configs/workout/hardware-configuration.nix
View file

@ -1,40 +1,48 @@
{ config, lib, pkgs, ... }: { config, lib, pkgs, ... }:
let let mainUserHome = "/home/palo";
mainUserHome = "/home/palo"; in {
in
{
# fix fileSystems.<name>.encrypted - false overwrite # fix fileSystems.<name>.encrypted - false overwrite
# -------------------------------------------------- # --------------------------------------------------
boot.initrd.luks.cryptoModules = [ "aes" "aes_generic" "blowfish" "twofish" "serpent" "cbc" "xts" "lrw" "sha1" "sha256" "sha512" "aes_x86_64" ]; boot.initrd.luks.cryptoModules = [
"aes"
"aes_generic"
"blowfish"
"twofish"
"serpent"
"cbc"
"xts"
"lrw"
"sha1"
"sha256"
"sha512"
"aes_x86_64"
];
# todo : why should I use this here # todo : why should I use this here
boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "usb_storage" "sd_mod" ]; boot.initrd.availableKernelModules =
[ "xhci_pci" "ahci" "usb_storage" "sd_mod" ];
boot.kernelModules = [ "kvm-intel" ]; boot.kernelModules = [ "kvm-intel" ];
nix.maxJobs = lib.mkDefault 8; nix.maxJobs = lib.mkDefault 8;
# lvm volume group # lvm volume group
# ---------------- # ----------------
boot.initrd.luks.devices = [ boot.initrd.luks.devices = [{
{ name = "vg";
name = "vg"; device = "/dev/sda2";
device = "/dev/sda2"; preLVM = true;
preLVM = true; }];
}
];
# NTFS support # NTFS support
# ------------ # ------------
environment.systemPackages = [ environment.systemPackages = [ pkgs.ntfs3g ];
pkgs.ntfs3g
];
# root # root
# ---- # ----
fileSystems."/" = { fileSystems."/" = {
options = [ "noatime" "nodiratime" "discard" ]; options = [ "noatime" "nodiratime" "discard" ];
device = "/dev/vg/root"; device = "/dev/vg/root";
fsType = "ext4"; fsType = "ext4";
}; };
# boot # boot
@ -44,8 +52,8 @@ in
fsType = "ext4"; fsType = "ext4";
}; };
boot.loader.grub = { boot.loader.grub = {
device = "/dev/sda"; device = "/dev/sda";
enable = true; enable = true;
version = 2; version = 2;
}; };
@ -53,8 +61,8 @@ in
# ---- # ----
fileSystems."/home" = { fileSystems."/home" = {
options = [ "noatime" "nodiratime" "discard" ]; options = [ "noatime" "nodiratime" "discard" ];
device = "/dev/vg/home"; device = "/dev/vg/home";
fsType = "ext4"; fsType = "ext4";
}; };
} }

15
configs/workout/kibana.nix
View file

@ -1,22 +1,25 @@
{ config, ... }: { config, ... }: {
{
services.nginx = { services.nginx = {
enable = true; enable = true;
statusPage = true; statusPage = true;
virtualHosts = { virtualHosts = {
"kibana.${config.networking.hostName}.private" = { "kibana.${config.networking.hostName}.private" = {
serverAliases = []; serverAliases = [ ];
locations."/" = { locations."/" = {
proxyPass = "http://${config.networking.hostName}.private:${toString config.services.kibana.port}"; proxyPass = "http://${config.networking.hostName}.private:${
toString config.services.kibana.port
}";
}; };
}; };
}; };
}; };
services.elasticsearch.enable = true; services.elasticsearch.enable = true;
services.elasticsearch.listenAddress = "${config.networking.hostName}.private"; services.elasticsearch.listenAddress =
"${config.networking.hostName}.private";
services.kibana.enable = true; services.kibana.enable = true;
services.kibana.elasticsearch.hosts = [ "http://${config.networking.hostName}.private:9200" ]; services.kibana.elasticsearch.hosts =
[ "http://${config.networking.hostName}.private:9200" ];
services.kibana.listenAddress = "${config.networking.hostName}.private"; services.kibana.listenAddress = "${config.networking.hostName}.private";
services.kibana.port = 5601; services.kibana.port = 5601;

21
configs/workout/packages.nix
View file

@ -1,19 +1,20 @@
{ config, pkgs, ... }: { config, pkgs, ... }:
let let unstable = import <nixpkgs-unstable> { };
unstable = import <nixpkgs-unstable> {};
in { in {
nixpkgs.config.packageOverrides = pkgs: { nixpkgs.config.packageOverrides = pkgs: {
nur = import (builtins.fetchTarball "https://github.com/nix-community/NUR/archive/master.tar.gz") { nur = import (builtins.fetchTarball
inherit pkgs; "https://github.com/nix-community/NUR/archive/master.tar.gz") {
}; inherit pkgs;
};
}; };
environment.systemPackages = with pkgs ; [ environment.systemPackages = with pkgs;
bitwig-studio [
#unstable.pypi2nix bitwig-studio
#nur.repos.mic92.nixos-shell #unstable.pypi2nix
]; #nur.repos.mic92.nixos-shell
];
programs.custom.q = { programs.custom.q = {
enableIntelBacklight = false; enableIntelBacklight = false;

6
configs/workout/slack.nix
View file

@ -1,5 +1,4 @@
{ config, lib, pkgs, ... }: { config, lib, pkgs, ... }: {
{
programs.custom.slack = { programs.custom.slack = {
enable = true; enable = true;
@ -7,7 +6,8 @@
}; };
programs.custom.browser.configList.google-chrome = { programs.custom.browser.configList.google-chrome = {
inherit (config.programs.custom.browser.configList.development) home homeBackup user; inherit (config.programs.custom.browser.configList.development)
home homeBackup user;
sudoUsers = [ "slack" ]; sudoUsers = [ "slack" ];
}; };

3
configs/workout/syncthing.nix
View file

@ -1,5 +1,4 @@
{ config, pkgs, lib, ... }: { config, pkgs, lib, ... }: {
{
test.services.syncthing = { test.services.syncthing = {
enable = true; enable = true;

3
configs/workout/tinc.nix
View file

@ -1,5 +1,4 @@
{ config, lib, pkgs, ... }: { config, lib, pkgs, ... }: {
{
module.cluster.services.tinc = { module.cluster.services.tinc = {
"private" = { "private" = {
enable = true; enable = true;

32
images/lib/remote-access.nix
View file

@ -1,56 +1,50 @@
{ {
# cat ~/.ssh/id_rsa.pub # cat ~/.ssh/id_rsa.pub
publicSshKey ? "", publicSshKey ? "",
# remote-install-get-hiddenReceiver # remote-install-get-hiddenReceiver
hiddenReceiver ? "", hiddenReceiver ? "", }:
}: { config, lib, pkgs, ... }: {
{ config, lib, pkgs, ... }:
{
imports = [ imports = [
{ # system setup { # system setup
networking.hostName = "liveos"; networking.hostName = "liveos";
users.extraUsers = { users.extraUsers = {
root = { root = { openssh.authorizedKeys.keys = [ publicSshKey ]; };
openssh.authorizedKeys.keys = [
publicSshKey
];
};
}; };
} }
{ # installed packages { # installed packages
nixpkgs.config.allowUnfree = true; nixpkgs.config.allowUnfree = true;
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [
#style #style
most most
rxvt_unicode.terminfo rxvt_unicode.terminfo
#monitoring tools #monitoring tools
htop htop
iotop iotop
#network #network
iptables iptables
iftop iftop
nmap nmap
#stuff for dl #stuff for dl
aria2 aria2
#neat utils #neat utils
pciutils pciutils
psmisc psmisc
tmux tmux
usbutils usbutils
git git
#unpack stuff #unpack stuff
p7zip p7zip
unzip unzip
unrar unrar
#data recovery #data recovery
ddrescue ddrescue
ntfs3g ntfs3g
dosfstools dosfstools

6
images/remote-install/config.nix
View file

@ -1,8 +1,10 @@
{ pkgs, lib, ... }: let { pkgs, lib, ... }:
let
remote-access = import ../lib/remote-access.nix { remote-access = import ../lib/remote-access.nix {
# cat ~/.ssh/id_rsa.pub # cat ~/.ssh/id_rsa.pub
publicSshKey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC6uza62+Go9sBFs3XZE2OkugBv9PJ7Yv8ebCskE5WYPcahMZIKkQw+zkGI8EGzOPJhQEv2xk+XBf2VOzj0Fto4nh8X5+Llb1nM+YxQPk1SVlwbNAlhh24L1w2vKtBtMy277MF4EP+caGceYP6gki5+DzlPUSdFSAEFFWgN1WPkiyUii15Xi3QuCMR8F18dbwVUYbT11vwNhdiAXWphrQG+yPguALBGR+21JM6fffOln3BhoDUp2poVc5Qe2EBuUbRUV3/fOU4HwWVKZ7KCFvLZBSVFutXCj5HuNWJ5T3RuuxJSmY5lYuFZx9gD+n+DAEJt30iXWcaJlmUqQB5awcB1S2d9pJ141V4vjiCMKUJHIdspFrI23rFNYD9k2ZXDA8VOnQE33BzmgF9xOVh6qr4G0oEpsNqJoKybVTUeSyl4+ifzdQANouvySgLJV/pcqaxX1srSDIUlcM2vDMWAs3ryCa0aAlmAVZIHgRhh6wa+IXW8gIYt+5biPWUuihJ4zGBEwkyVXXf2xsecMWCAGPWPDL0/fBfY9krNfC5M2sqxey2ShFIq+R/wMdaI7yVjUCF2QIUNiIdFbJL6bDrDyHnEXJJN+rAo23jUoTZZRv7Jq3DB/A5H7a73VCcblZyUmwMSlpg3wos7pdw5Ctta3zQPoxoAKGS1uZ+yTeZbPMmdbw=="; publicSshKey =
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC6uza62+Go9sBFs3XZE2OkugBv9PJ7Yv8ebCskE5WYPcahMZIKkQw+zkGI8EGzOPJhQEv2xk+XBf2VOzj0Fto4nh8X5+Llb1nM+YxQPk1SVlwbNAlhh24L1w2vKtBtMy277MF4EP+caGceYP6gki5+DzlPUSdFSAEFFWgN1WPkiyUii15Xi3QuCMR8F18dbwVUYbT11vwNhdiAXWphrQG+yPguALBGR+21JM6fffOln3BhoDUp2poVc5Qe2EBuUbRUV3/fOU4HwWVKZ7KCFvLZBSVFutXCj5HuNWJ5T3RuuxJSmY5lYuFZx9gD+n+DAEJt30iXWcaJlmUqQB5awcB1S2d9pJ141V4vjiCMKUJHIdspFrI23rFNYD9k2ZXDA8VOnQE33BzmgF9xOVh6qr4G0oEpsNqJoKybVTUeSyl4+ifzdQANouvySgLJV/pcqaxX1srSDIUlcM2vDMWAs3ryCa0aAlmAVZIHgRhh6wa+IXW8gIYt+5biPWUuihJ4zGBEwkyVXXf2xsecMWCAGPWPDL0/fBfY9krNfC5M2sqxey2ShFIq+R/wMdaI7yVjUCF2QIUNiIdFbJL6bDrDyHnEXJJN+rAo23jUoTZZRv7Jq3DB/A5H7a73VCcblZyUmwMSlpg3wos7pdw5Ctta3zQPoxoAKGS1uZ+yTeZbPMmdbw==";
# remote-install-get-hiddenReceiver # remote-install-get-hiddenReceiver
hiddenReceiver = ""; hiddenReceiver = "";

4
images/remote-install/remote-install.nix
View file

@ -3,9 +3,7 @@
services.tor = { services.tor = {
enable = true; enable = true;
client.enable = true; client.enable = true;
hiddenServices.liveos.map = [ hiddenServices.liveos.map = [{ port = 1337; }];
{ port = 1337; }
];
}; };
environment.systemPackages = [ environment.systemPackages = [

11
images/windows-rescue/config.nix
View file

@ -1,23 +1,22 @@
# NixOS livesystem to reset windows passwords # NixOS livesystem to reset windows passwords
# Step by step guide : https://opensource.com/article/18/3/how-reset-windows-password-linux # Step by step guide : https://opensource.com/article/18/3/how-reset-windows-password-linux
# $ nixos-generator -f iso -c config.nix # $ nixos-generator -f iso -c config.nix
{ pkgs, ... }: let { pkgs, ... }:
let
wifi = { wifi = {
ssid = ""; ssid = "";
plainTextPassword = ""; plainTextPassword = "";
}; };
remote-access = import ../lib/remote-access.nix { remote-access = import ../lib/remote-access.nix {
publicSshKey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC6uza62+Go9sBFs3XZE2OkugBv9PJ7Yv8ebCskE5WYPcahMZIKkQw+zkGI8EGzOPJhQEv2xk+XBf2VOzj0Fto4nh8X5+Llb1nM+YxQPk1SVlwbNAlhh24L1w2vKtBtMy277MF4EP+caGceYP6gki5+DzlPUSdFSAEFFWgN1WPkiyUii15Xi3QuCMR8F18dbwVUYbT11vwNhdiAXWphrQG+yPguALBGR+21JM6fffOln3BhoDUp2poVc5Qe2EBuUbRUV3/fOU4HwWVKZ7KCFvLZBSVFutXCj5HuNWJ5T3RuuxJSmY5lYuFZx9gD+n+DAEJt30iXWcaJlmUqQB5awcB1S2d9pJ141V4vjiCMKUJHIdspFrI23rFNYD9k2ZXDA8VOnQE33BzmgF9xOVh6qr4G0oEpsNqJoKybVTUeSyl4+ifzdQANouvySgLJV/pcqaxX1srSDIUlcM2vDMWAs3ryCa0aAlmAVZIHgRhh6wa+IXW8gIYt+5biPWUuihJ4zGBEwkyVXXf2xsecMWCAGPWPDL0/fBfY9krNfC5M2sqxey2ShFIq+R/wMdaI7yVjUCF2QIUNiIdFbJL6bDrDyHnEXJJN+rAo23jUoTZZRv7Jq3DB/A5H7a73VCcblZyUmwMSlpg3wos7pdw5Ctta3zQPoxoAKGS1uZ+yTeZbPMmdbw=="; publicSshKey =
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC6uza62+Go9sBFs3XZE2OkugBv9PJ7Yv8ebCskE5WYPcahMZIKkQw+zkGI8EGzOPJhQEv2xk+XBf2VOzj0Fto4nh8X5+Llb1nM+YxQPk1SVlwbNAlhh24L1w2vKtBtMy277MF4EP+caGceYP6gki5+DzlPUSdFSAEFFWgN1WPkiyUii15Xi3QuCMR8F18dbwVUYbT11vwNhdiAXWphrQG+yPguALBGR+21JM6fffOln3BhoDUp2poVc5Qe2EBuUbRUV3/fOU4HwWVKZ7KCFvLZBSVFutXCj5HuNWJ5T3RuuxJSmY5lYuFZx9gD+n+DAEJt30iXWcaJlmUqQB5awcB1S2d9pJ141V4vjiCMKUJHIdspFrI23rFNYD9k2ZXDA8VOnQE33BzmgF9xOVh6qr4G0oEpsNqJoKybVTUeSyl4+ifzdQANouvySgLJV/pcqaxX1srSDIUlcM2vDMWAs3ryCa0aAlmAVZIHgRhh6wa+IXW8gIYt+5biPWUuihJ4zGBEwkyVXXf2xsecMWCAGPWPDL0/fBfY9krNfC5M2sqxey2ShFIq+R/wMdaI7yVjUCF2QIUNiIdFbJL6bDrDyHnEXJJN+rAo23jUoTZZRv7Jq3DB/A5H7a73VCcblZyUmwMSlpg3wos7pdw5Ctta3zQPoxoAKGS1uZ+yTeZbPMmdbw==";
hiddenReceiver = ""; hiddenReceiver = "";
}; };
in { in {
imports = [ remote-access ]; imports = [ remote-access ];
environment.systemPackages = [ environment.systemPackages = [ pkgs.chntpw pkgs.ntfs3g ];
pkgs.chntpw
pkgs.ntfs3g
];
networking.dhcpcd.enable = true; networking.dhcpcd.enable = true;
networking.wireless = { networking.wireless = {

14
images/yubikey-image.nix
View file

@ -7,10 +7,13 @@
if [ ! -d $GNUPGHOME ]; then if [ ! -d $GNUPGHOME ]; then
mkdir $GNUPGHOME mkdir $GNUPGHOME
fi fi
cp ${pkgs.fetchurl { cp ${
url = "https://raw.githubusercontent.com/drduh/config/662c16404eef04f506a6a208f1253fee2f4895d9/gpg.conf"; pkgs.fetchurl {
sha256 = "118fmrsn28fz629y7wwwcx7r1wfn59h3mqz1snyhf8b5yh0sb8la"; url =
}} "$GNUPGHOME/gpg.conf" "https://raw.githubusercontent.com/drduh/config/662c16404eef04f506a6a208f1253fee2f4895d9/gpg.conf";
sha256 = "118fmrsn28fz629y7wwwcx7r1wfn59h3mqz1snyhf8b5yh0sb8la";
}
} "$GNUPGHOME/gpg.conf"
echo "\$GNUPGHOME has been set up for you. Generated keys will be in $GNUPGHOME." echo "\$GNUPGHOME has been set up for you. Generated keys will be in $GNUPGHOME."
''; '';
@ -49,7 +52,8 @@
sha256 = "0rzy06a5xgfjpaklxdgrxml24d0vhk78lb577l3z4x7a2p32dbyq"; sha256 = "0rzy06a5xgfjpaklxdgrxml24d0vhk78lb577l3z4x7a2p32dbyq";
}; };
buildInputs = [ pkgs.pandoc ]; buildInputs = [ pkgs.pandoc ];
installPhase = "pandoc --highlight-style pygments -s --toc README.md -o $out"; installPhase =
"pandoc --highlight-style pygments -s --toc README.md -o $out";
}; };
in { in {
default = "xfce"; default = "xfce";

10
library/default.nix
View file

@ -1,8 +1,8 @@
{ pkgs, lib, ... }: { pkgs, lib, ... }: {
{ desktopFile = bin:
desktopFile = bin: { longName ? "Script", command ? "${bin}/bin/${bin.name}", ... }: { longName ? "Script", command ? "${bin}/bin/${bin.name}", ... }:
pkgs.writeTextFile { pkgs.writeTextFile {
name = "${bin.name}.desktop" ; name = "${bin.name}.desktop";
destination = "/share/applications/${bin.name}.desktop"; destination = "/share/applications/${bin.name}.desktop";
text = '' text = ''
[Desktop Entry] [Desktop Entry]
@ -14,7 +14,7 @@
GenericName=${longName} GenericName=${longName}
StartupWMClass=${bin.name} StartupWMClass=${bin.name}
''; '';
}; };
jenkins = import ./jenkins.nix { inherit lib; }; jenkins = import ./jenkins.nix { inherit lib; };

127
library/jenkins.nix
View file

@ -4,77 +4,74 @@ with builtins;
{ {
# source container url and credentialsId # source container url and credentialsId
job = name: { job = name:
url, { url, credentialsId, branch ? "master",
credentialsId,
branch ? "master",
# https://docs.openstack.org/infra/jenkins-job-builder/triggers.html # https://docs.openstack.org/infra/jenkins-job-builder/triggers.html
triggers ? [ triggers ? [{
{ pollscm = { pollscm = {
cron = "H/30 * * * *"; cron = "H/30 * * * *";
ignore-post-commit-hooks = true; ignore-post-commit-hooks = true;
};} };
], ... }: config: { job = { }], ... }:
inherit name triggers; config: {
sandbox = true; job = {
project-type = "pipeline"; inherit name triggers;
dsl = let sandbox = true;
stage = elem: project-type = "pipeline";
let dsl = let
stageName = head ( attrNames elem ); stage = elem:
stateScripts = map ( stage : let
lib.getAttr (typeOf stage) { stageName = head (attrNames elem);
string = '' stateScripts = map (stage:
withEnv(['PATH=/run/current-system/sw/bin/','NIX_PATH=/var/src/']) { lib.getAttr (typeOf stage) {
sh '${toString stage}' string = ''
}'';
set =
let
script = ''
withEnv(['PATH=/run/current-system/sw/bin/','NIX_PATH=/var/src/']) { withEnv(['PATH=/run/current-system/sw/bin/','NIX_PATH=/var/src/']) {
sh '${toString stage.script}' sh '${toString stage}'
} }'';
''; set = let
in script = ''
if (stage.credentialsId != null) withEnv(['PATH=/run/current-system/sw/bin/','NIX_PATH=/var/src/']) {
then '' sh '${toString stage.script}'
}
'';
in if (stage.credentialsId != null) then ''
sshagent(['${stage.credentialsId}']) { ${script} } sshagent(['${stage.credentialsId}']) { ${script} }
'' '' else
else script; script;
}) (getAttr stageName elem);
in ''
stage('${stageName}') {
steps {
${concatStringsSep "\n" stateScripts}
}
} }
)( getAttr stageName elem ); '';
stages = map stage config;
in '' in ''
stage('${stageName}') { pipeline {
steps { agent any
${concatStringsSep "\n" stateScripts} stages{
stage('Pull') {
steps {
checkout(
[$class: 'GitSCM'
, branches: [[name: '*/${branch}']]
, doGenerateSubmoduleConfigurations: false
, extensions: [[$class: 'LocalBranch', localBranch: 'master']]
, submoduleCfg: []
, userRemoteConfigs:
[[ credentialsId: '${credentialsId}'
, url: '${url}']]
]
)
}
}
${concatStringsSep "\n" stages}
} }
} }
''; '';
stages = map stage config; };
in '' };
pipeline {
agent any
stages{
stage('Pull') {
steps {
checkout(
[$class: 'GitSCM'
, branches: [[name: '*/${branch}']]
, doGenerateSubmoduleConfigurations: false
, extensions: [[$class: 'LocalBranch', localBranch: 'master']]
, submoduleCfg: []
, userRemoteConfigs:
[[ credentialsId: '${credentialsId}'
, url: '${url}']]
]
)
}
}
${concatStringsSep "\n" stages}
}
}
'';
};};
# creates a sync job # creates a sync job
# source and target container url and credentialsId # source and target container url and credentialsId
@ -83,12 +80,12 @@ with builtins;
name = name; name = name;
sandbox = true; sandbox = true;
project-type = "pipeline"; project-type = "pipeline";
triggers = [ { triggers = [{
pollscm = { pollscm = {
cron = "H/30 * * * *"; cron = "H/30 * * * *";
ignore-post-commit-hooks = true; ignore-post-commit-hooks = true;
}; };
} ]; }];
dsl = '' dsl = ''
pipeline { pipeline {
agent any agent any

128
modules/later/syncthing.nix
View file

@ -11,18 +11,16 @@ let
inherit (device) name addresses introducer; inherit (device) name addresses introducer;
}) cfg.declarative.devices; }) cfg.declarative.devices;
folders = mapAttrsToList ( _: folder: { folders = mapAttrsToList (_: folder: {
inherit (folder) path id label type; inherit (folder) path id label type;
devices = map (device: { deviceId = cfg.declarative.devices.${device}.id; }) folder.devices; devices = map (device: { deviceId = cfg.declarative.devices.${device}.id; })
folder.devices;
rescanIntervalS = folder.rescanInterval; rescanIntervalS = folder.rescanInterval;
fsWatcherEnabled = folder.watch; fsWatcherEnabled = folder.watch;
fsWatcherDelayS = folder.watchDelay; fsWatcherDelayS = folder.watchDelay;
ignorePerms = folder.ignorePerms; ignorePerms = folder.ignorePerms;
versioning = folder.versioning; versioning = folder.versioning;
}) (filterAttrs ( }) (filterAttrs (_: folder: folder.enable) cfg.declarative.folders);
_: folder:
folder.enable
) cfg.declarative.folders);
# get the api key by parsing the config.xml # get the api key by parsing the config.xml
getApiKey = pkgs.writers.writeDash "getAPIKey" '' getApiKey = pkgs.writers.writeDash "getAPIKey" ''
@ -45,8 +43,12 @@ let
# generate the new config by merging with the nixos config options # generate the new config by merging with the nixos config options
NEW_CFG=$(echo "$OLD_CFG" | ${pkgs.jq}/bin/jq -s '.[] as $in | $in * { NEW_CFG=$(echo "$OLD_CFG" | ${pkgs.jq}/bin/jq -s '.[] as $in | $in * {
"devices": (${builtins.toJSON devices}${optionalString (! cfg.declarative.overrideDevices) " + $in.devices"}), "devices": (${builtins.toJSON devices}${
"folders": (${builtins.toJSON folders}${optionalString (! cfg.declarative.overrideFolders) " + $in.folders"}) optionalString (!cfg.declarative.overrideDevices) " + $in.devices"
}),
"folders": (${builtins.toJSON folders}${
optionalString (!cfg.declarative.overrideFolders) " + $in.folders"
})
}') }')
# POST the new config to syncthing # POST the new config to syncthing
@ -102,13 +104,14 @@ in {
}; };
devices = mkOption { devices = mkOption {
default = {}; default = { };
description = '' description = ''
Peers/devices which syncthing should communicate with. Peers/devices which syncthing should communicate with.
''; '';
example = { example = {
bigbox = { bigbox = {
id = "7CFNTQM-IMTJBHJ-3UWRDIU-ZGQJFR6-VCXZ3NB-XUH3KZO-N52ITXR-LAIYUAU"; id =
"7CFNTQM-IMTJBHJ-3UWRDIU-ZGQJFR6-VCXZ3NB-XUH3KZO-N52ITXR-LAIYUAU";
addresses = [ "tcp://192.168.0.10:51820" ]; addresses = [ "tcp://192.168.0.10:51820" ];
}; };
}; };
@ -125,7 +128,7 @@ in {
addresses = mkOption { addresses = mkOption {
type = types.listOf types.str; type = types.listOf types.str;
default = []; default = [ ];
description = '' description = ''
The addresses used to connect to the device. The addresses used to connect to the device.
If this is let empty, dynamic configuration is attempted If this is let empty, dynamic configuration is attempted
@ -165,7 +168,7 @@ in {
}; };
folders = mkOption { folders = mkOption {
default = {}; default = { };
description = '' description = ''
folders which should be shared by syncthing. folders which should be shared by syncthing.
''; '';
@ -214,7 +217,7 @@ in {
devices = mkOption { devices = mkOption {
type = types.listOf types.str; type = types.listOf types.str;
default = []; default = [ ];
description = '' description = ''
The devices this folder should be shared with. Must be defined The devices this folder should be shared with. Must be defined
in the <literal>declarative.devices</literal> attribute. in the <literal>declarative.devices</literal> attribute.
@ -262,16 +265,16 @@ in {
}; };
} }
]; ];
type = with types; nullOr (submodule { type = with types;
options = { nullOr (submodule {
type = mkOption { options = {
type = enum [ "external" "simple" "staggered" "trashcan" ]; type = mkOption {
type =
enum [ "external" "simple" "staggered" "trashcan" ];
};
params = mkOption { type = attrsOf (either str path); };
}; };
params = mkOption { });
type = attrsOf (either str path);
};
};
});
}; };
rescanInterval = mkOption { rescanInterval = mkOption {
@ -376,11 +379,10 @@ in {
description = '' description = ''
Path where the settings and keys will exist. Path where the settings and keys will exist.
''; '';
default = default = let
let nixos = config.system.stateVersion;
nixos = config.system.stateVersion; cond = versionAtLeast nixos "19.03";
cond = versionAtLeast nixos "19.03"; in cfg.dataDir + (optionalString cond "/.config/syncthing");
in cfg.dataDir + (optionalString cond "/.config/syncthing");
}; };
openDefaultPorts = mkOption { openDefaultPorts = mkOption {
@ -427,18 +429,17 @@ in {
systemd.packages = [ pkgs.syncthing ]; systemd.packages = [ pkgs.syncthing ];
users.users = mkIf (cfg.systemService && cfg.user == defaultUser) { users.users = mkIf (cfg.systemService && cfg.user == defaultUser) {
${defaultUser} = ${defaultUser} = {
{ group = cfg.group; group = cfg.group;
home = cfg.dataDir; home = cfg.dataDir;
createHome = true; createHome = true;
uid = config.ids.uids.syncthing; uid = config.ids.uids.syncthing;
description = "Syncthing daemon user"; description = "Syncthing daemon user";
}; };
}; };
users.groups = mkIf (cfg.systemService && cfg.group == defaultUser) { users.groups = mkIf (cfg.systemService && cfg.group == defaultUser) {
${defaultUser}.gid = ${defaultUser}.gid = config.ids.gids.syncthing;
config.ids.gids.syncthing;
}; };
systemd.services = { systemd.services = {
@ -454,20 +455,26 @@ in {
serviceConfig = { serviceConfig = {
Restart = "on-failure"; Restart = "on-failure";
SuccessExitStatus = "2 3 4"; SuccessExitStatus = "2 3 4";
RestartForceExitStatus="3 4"; RestartForceExitStatus = "3 4";
User = cfg.user; User = cfg.user;
Group = cfg.group; Group = cfg.group;
ExecStartPre = mkIf (cfg.declarative.cert != null || cfg.declarative.key != null) ExecStartPre =
"+${pkgs.writers.writeBash "syncthing-copy-keys" '' mkIf (cfg.declarative.cert != null || cfg.declarative.key != null)
install -dm700 -o ${cfg.user} -g ${cfg.group} ${cfg.configDir} "+${
${optionalString (cfg.declarative.cert != null) '' pkgs.writers.writeBash "syncthing-copy-keys" ''
install -Dm400 -o ${cfg.user} -g ${cfg.group} ${toString cfg.declarative.cert} ${cfg.configDir}/cert.pem install -dm700 -o ${cfg.user} -g ${cfg.group} ${cfg.configDir}
''} ${optionalString (cfg.declarative.cert != null) ''
${optionalString (cfg.declarative.key != null) '' install -Dm400 -o ${cfg.user} -g ${cfg.group} ${
install -Dm400 -o ${cfg.user} -g ${cfg.group} ${toString cfg.declarative.key} ${cfg.configDir}/key.pem toString cfg.declarative.cert
''} } ${cfg.configDir}/cert.pem
''}" ''}
; ${optionalString (cfg.declarative.key != null) ''
install -Dm400 -o ${cfg.user} -g ${cfg.group} ${
toString cfg.declarative.key
} ${cfg.configDir}/key.pem
''}
''
}";
ExecStart = '' ExecStart = ''
${cfg.package}/bin/syncthing \ ${cfg.package}/bin/syncthing \
-no-browser \ -no-browser \
@ -476,23 +483,20 @@ in {
''; '';
}; };
}; };
syncthing-init = mkIf ( syncthing-init = mkIf
cfg.declarative.devices != {} || cfg.declarative.folders != {} (cfg.declarative.devices != { } || cfg.declarative.folders != { }) {
) { after = [ "syncthing.service" ];
after = [ "syncthing.service" ]; wantedBy = [ "multi-user.target" ];
wantedBy = [ "multi-user.target" ];
serviceConfig = { serviceConfig = {
User = cfg.user; User = cfg.user;
RemainAfterExit = true; RemainAfterExit = true;
Type = "oneshot"; Type = "oneshot";
ExecStart = updateConfig; ExecStart = updateConfig;
};
}; };
};
syncthing-resume = { syncthing-resume = { wantedBy = [ "suspend.target" ]; };
wantedBy = [ "suspend.target" ];
};
}; };
}; };
} }

335
modules/programs/browser.nix
View file

@ -14,234 +14,219 @@ let
firefoxBin = "${pkgs.firefox}/bin/firefox"; firefoxBin = "${pkgs.firefox}/bin/firefox";
tarBin = "${pkgs.gnutar}/bin/tar"; tarBin = "${pkgs.gnutar}/bin/tar";
# desktop file # desktop file
# ------------ # ------------
# makes it possible to be used by other programs # makes it possible to be used by other programs
desktopFile = bin: let desktopFile = bin:
browserName = bin.name; let browserName = bin.name;
in pkgs.writeTextFile { in pkgs.writeTextFile {
name = "${browserName}.desktop" ; name = "${browserName}.desktop";
destination = "/share/applications/${browserName}.desktop"; destination = "/share/applications/${browserName}.desktop";
text = '' text = ''
[Desktop Entry] [Desktop Entry]
Type=Application Type=Application
Exec=${bin}/bin/${browserName} %U Exec=${bin}/bin/${browserName} %U
Icon=chromium Icon=chromium
Comment=An open source web browser from Google Comment=An open source web browser from Google
Terminal=false Terminal=false
Name=${browserName} Name=${browserName}
GenericName=Web browser GenericName=Web browser
MimeType=text/html;text/xml;application/xhtml+xml;x-scheme-handler/http;x-scheme-handler/https;x-scheme-handler/ftp;x-scheme-handler/webcal;x-scheme-handler/about MimeType=text/html;text/xml;application/xhtml+xml;x-scheme-handler/http;x-scheme-handler/https;x-scheme-handler/ftp;x-scheme-handler/webcal;x-scheme-handler/about
Categories=Network;WebBrowser Categories=Network;WebBrowser
StartupWMClass=${browserName} StartupWMClass=${browserName}
''; '';
}; };
cleanBrowser = name: browser: home: homeBackup: cleanBrowser = name: browser: home: homeBackup:
let let
backupFile = "${homeBackup}.tar.lzma"; backupFile = "${homeBackup}.tar.lzma";
rolloutFile = "${home}.tar.lzma"; rolloutFile = "${home}.tar.lzma";
lockFile = "${home}-lock"; lockFile = "${home}-lock";
in in pkgs.writeShellScriptBin "${name}-clean" # sh
pkgs.writeShellScriptBin "${name}-clean" /* sh */ '' ''
sudo killall -9 -u ${name} sudo killall -9 -u ${name}
sudo rm ${lockFile} sudo rm ${lockFile}
sudo rm -rf ${home} sudo rm -rf ${home}
''; '';
createBrowser = name: user: browser: home: homeBackup: createBrowser = name: user: browser: home: homeBackup:
let let
backupFile = "${homeBackup}.tar.lzma"; backupFile = "${homeBackup}.tar.lzma";
rolloutFile = "${home}.tar.lzma"; rolloutFile = "${home}.tar.lzma";
lockFile = "${home}-lock"; lockFile = "${home}-lock";
in in pkgs.writeShellScriptBin "${name}" # sh
pkgs.writeShellScriptBin "${name}" /* sh */ '' ''
# set -x # set -x
if [[ ! -e ${lockFile} ]] if [[ ! -e ${lockFile} ]]
then
# rollout backup
if [[ -e ${backupFile} ]]
then then
if [[ ! -d ${home} ]] # rollout backup
if [[ -e ${backupFile} ]]
then then
# todo : use make user if [[ ! -d ${home} ]]
sudo mkdir -p ${home} then
sudo chown -R ${user}:users ${home} # todo : use make user
sudo mkdir -p ${home}
sudo chown -R ${user}:users ${home}
fi
cp ${backupFile} ${rolloutFile}
sudo -u ${user} ${tarBin} xf ${rolloutFile} --directory ${home}
rm ${rolloutFile}
touch ${lockFile}
fi fi
cp ${backupFile} ${rolloutFile}
sudo -u ${user} ${tarBin} xf ${rolloutFile} --directory ${home}
rm ${rolloutFile}
touch ${lockFile}
fi fi
fi
sudo -u ${user} ${browser} sudo -u ${user} ${browser}
''; '';
browserExecutableList = browserExecutableList = let
let allBrowser = flip mapAttrsToList cfg.configList (name: config:
allBrowser = flip mapAttrsToList cfg.configList (
name: config:
let let
browser = if config.browserType == "chrome" browser = if config.browserType == "chrome" then
then "${chromiumBin} \"$@\"" ''${chromiumBin} "$@"''
else if config.browserType == "google" else if config.browserType == "google" then
then "${chromeBin} \"$@\"" ''${chromeBin} "$@"''
else "${firefoxBin} \"$@\""; else
in ''${firefoxBin} "$@"'';
createBrowser name config.user browser config.home config.homeBackup in createBrowser name config.user browser config.home config.homeBackup);
);
xclipBrowser = [ xclipBrowser = [
(pkgs.writeShellScriptBin "copy-to-xclip" /* sh */'' (pkgs.writeShellScriptBin "copy-to-xclip" # sh
echo "$*" | ${pkgs.xclip}/bin/xclip ''
'') echo "$*" | ${pkgs.xclip}/bin/xclip
'')
]; ];
in in allBrowser ++ xclipBrowser;
allBrowser ++ xclipBrowser;
createBackupScript = name: home: backupHome: createBackupScript = name: home: backupHome:
pkgs.writeShellScriptBin "${name}-backup" /* sh */ '' pkgs.writeShellScriptBin "${name}-backup" # sh
sudo -u ${name} \ ''
${tarBin} \ sudo -u ${name} \
--exclude=.cache \ ${tarBin} \
--exclude=Downloads \ --exclude=.cache \
--create \ --exclude=Downloads \
--verbos \ --create \
--lzma \ --verbos \
--file ${home}.tar.lzma \ --lzma \
--directory ${home} \ --file ${home}.tar.lzma \
. --directory ${home} \
.
cp ${home}.tar.lzma ${backupHome}.tar.lzma cp ${home}.tar.lzma ${backupHome}.tar.lzma
''; '';
allBackupScripts = allBackupScripts = let
let filteredConfigs =
filteredConfigs = filterAttrs (name: browserConfig: browserConfig.homeBackup != null)
filterAttrs cfg.configList;
(name: browserConfig: browserConfig.homeBackup != null) in mapAttrsToList (name: browserConfig:
cfg.configList; createBackupScript name browserConfig.home browserConfig.homeBackup)
in filteredConfigs;
mapAttrsToList
(name: browserConfig: createBackupScript name browserConfig.home browserConfig.homeBackup)
filteredConfigs;
allCleanScripts =
let
filteredConfigs =
filterAttrs
(name: browserConfig: browserConfig.homeBackup != null)
cfg.configList;
in
mapAttrsToList
(name: browserConfig: cleanBrowser name name browserConfig.home browserConfig.homeBackup)
filteredConfigs;
allCleanScripts = let
filteredConfigs =
filterAttrs (name: browserConfig: browserConfig.homeBackup != null)
cfg.configList;
in mapAttrsToList (name: browserConfig:
cleanBrowser name name browserConfig.home browserConfig.homeBackup)
filteredConfigs;
# browser chooser # browser chooser
# --------------- # ---------------
browserSelect = pkgs.writeScriptBin "browser-select" '' browserSelect = pkgs.writeScriptBin "browser-select" ''
# select a browser using dmenu # select a browser using dmenu
# ---------------------------- # ----------------------------
BROWSER=$( echo -e "${lib.concatMapStringsSep "\\n" (bin: bin.name) browserExecutableList}" \ BROWSER=$( echo -e "${
lib.concatMapStringsSep "\\n" (bin: bin.name) browserExecutableList
}" \
| ${pkgs.rofi}/bin/rofi -dmenu ) | ${pkgs.rofi}/bin/rofi -dmenu )
# start selected browser # start selected browser
# ---------------------- # ----------------------
case $BROWSER in case $BROWSER in
${lib.concatStringsSep "\n" ${lib.concatStringsSep "\n" (flip map browserExecutableList
(flip map browserExecutableList (bin: "${bin.name}) export BIN=${bin}/bin/${bin.name} ;;")) (bin: "${bin.name}) export BIN=${bin}/bin/${bin.name} ;;"))}
}
esac esac
$BIN "$@" $BIN "$@"
''; '';
in { in {
options.programs.custom.browser = { options.programs.custom.browser = {
enable = mkEnableOption "enable browsers"; enable = mkEnableOption "enable browsers";
configList = mkOption { configList = mkOption {
type = with types; attrsOf (submodule ({ name , ... }: { type = with types;
options = { attrsOf (submodule ({ name, ... }: {
browserType = mkOption { options = {
type = with types; enum ["firefox" "chrome" "google"]; browserType = mkOption {
default = "chrome"; type = with types; enum [ "firefox" "chrome" "google" ];
description = '' default = "chrome";
the type of browser which is simulated description = ''
''; the type of browser which is simulated
'';
};
home = mkOption {
type = with types; str;
description = ''
Home of the browser.
'';
};
user = mkOption {
default = name;
type = with types; str;
description = ''
user to run the browser as
'';
};
sudoUsers = mkOption {
default = [ config.users.users.mainUser.name ];
type = with types; listOf str;
description = ''
user allowed to run sudo without password to start the browser
'';
};
homeBackup = mkOption {
type = with types; nullOr str;
default = null;
example = "~/.my-browser-backup";
description = ''
backup of the home, which gets rolled out if the
home does not exists. usefull for homes in tmpfs.
dont use file endings!
'';
};
}; };
home = mkOption { }));
type = with types; str;
description = ''
Home of the browser.
'';
};
user = mkOption {
default = name;
type = with types; str;
description = ''
user to run the browser as
'';
};
sudoUsers = mkOption {
default = [ config.users.users.mainUser.name ];
type = with types; listOf str;
description = ''
user allowed to run sudo without password to start the browser
'';
};
homeBackup = mkOption {
type = with types; nullOr str;
default = null;
example = "~/.my-browser-backup";
description = ''
backup of the home, which gets rolled out if the
home does not exists. usefull for homes in tmpfs.
dont use file endings!
'';
};
};
}));
}; };
}; };
config = mkIf cfg.enable { config = mkIf cfg.enable {
# add sudo rights # add sudo rights
security.sudo.extraConfig = security.sudo.extraConfig = let
let extraRules = flip mapAttrsToList cfg.configList (name: values:
extraRules = flip mapAttrsToList cfg.configList (name: values: concatStringsSep "\n"
concatStringsSep "\n" (map (sudoUser: "${sudoUser} ALL=(${values.user}) NOPASSWD: ALL") values.sudoUsers)) ; (map (sudoUser: "${sudoUser} ALL=(${values.user}) NOPASSWD: ALL")
in values.sudoUsers));
lib.concatStringsSep "\n" extraRules; in lib.concatStringsSep "\n" extraRules;
# create users # create users
users.users = flip mapAttrs cfg.configList (name: config: users.users = flip mapAttrs cfg.configList (name: config: {
{ home = config.home;
home = config.home; createHome = true;
createHome = true; initialPassword = "${name}-browser";
initialPassword = "${name}-browser"; shell = pkgs.bashInteractive;
shell = pkgs.bashInteractive; isNormalUser = true;
isNormalUser = true; group = "users";
group = "users"; # enable video usage
# enable video usage extraGroups = [ "video" "audio" ];
extraGroups = [ "video" "audio" ]; });
}
);
# add groups to mainUser # add groups to mainUser
system.custom.mainUser.extraGroups = builtins.attrNames cfg.configList; system.custom.mainUser.extraGroups = builtins.attrNames cfg.configList;
environment.systemPackages = [ environment.systemPackages = [ browserSelect (desktopFile browserSelect) ]
browserSelect ++ browserExecutableList
( desktopFile browserSelect ) ++ (map (bin: desktopFile bin) browserExecutableList) ++ allBackupScripts
] ++ allCleanScripts;
++ browserExecutableList
++ (map (bin: desktopFile bin) browserExecutableList)
++ allBackupScripts
++ allCleanScripts;
}; };
} }

17
modules/programs/citate.nix
View file

@ -11,9 +11,10 @@ let
xdotool = "${pkgs.xdotool}/bin/xdotool"; xdotool = "${pkgs.xdotool}/bin/xdotool";
dmenu = "${pkgs.dmenu}/bin/dmenu"; dmenu = "${pkgs.dmenu}/bin/dmenu";
citateScript = file: suffix: pkgs.writeShellScriptBin "citate-${suffix}" '' citateScript = file: suffix:
${xdotool} - <<<"type -- $( cat ${file} | ${dmenu} -l 10 -i | sed -e "s/\(.*\)/'\1'/" )" pkgs.writeShellScriptBin "citate-${suffix}" ''
''; ${xdotool} - <<<"type -- $( cat ${file} | ${dmenu} -l 10 -i | sed -e "s/\(.*\)/'\1'/" )"
'';
scriptAxel = citateScript (toString <assets/sprueche-axel>) "axel"; scriptAxel = citateScript (toString <assets/sprueche-axel>) "axel";
scriptSiw = citateScript (toString <assets/sprueche-siw>) "siw"; scriptSiw = citateScript (toString <assets/sprueche-siw>) "siw";
@ -27,9 +28,15 @@ in {
config = mkIf cfg.enable { config = mkIf cfg.enable {
environment.systemPackages = [ environment.systemPackages = [
scriptAxel scriptAxel
(library.desktopFile scriptAxel { longName = "Citate Axel"; command = "citate-axel"; }) (library.desktopFile scriptAxel {
longName = "Citate Axel";
command = "citate-axel";
})
scriptSiw scriptSiw
(library.desktopFile scriptSiw { longName = "Citate Sinnlos im Weltall"; command = "citate-siw"; }) (library.desktopFile scriptSiw {
longName = "Citate Sinnlos im Weltall";
command = "citate-siw";
})
]; ];
}; };
} }

13
modules/programs/curl-scripts.nix
View file

@ -12,7 +12,7 @@ let
${pkgs.curl}/bin/curl "qrenco.de/$1" ${pkgs.curl}/bin/curl "qrenco.de/$1"
''; '';
cheatSheetScript = pkgs.writeShellScriptBin "cheatsheet" '' cheatSheetScript = pkgs.writeShellScriptBin "cheatsheet" ''
${pkgs.curl}/bin/curl "cheat.sh/$1" ${pkgs.curl}/bin/curl "cheat.sh/$1"
''; '';
@ -20,15 +20,12 @@ let
in { in {
options.programs.custom.curlScripts.enable = mkEnableOption "enable curl scripts"; options.programs.custom.curlScripts.enable =
mkEnableOption "enable curl scripts";
config = mkIf cfg.enable { config = mkIf cfg.enable {
environment.systemPackages = [ environment.systemPackages =
weatherScript [ weatherScript qrCodeScript cheatSheetScript ];
qrCodeScript
cheatSheetScript
];
}; };
} }

8
modules/programs/easytag.nix
View file

@ -8,13 +8,11 @@ let
in { in {
options.programs.custom.easytag.enable = mkEnableOption "install easytag with dependencies"; options.programs.custom.easytag.enable =
mkEnableOption "install easytag with dependencies";
config = mkIf cfg.enable { config = mkIf cfg.enable {
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [ easytag gnome3.dconf ];
easytag
gnome3.dconf
];
}; };
} }

2
modules/programs/elm.nix
View file

@ -11,7 +11,7 @@ in {
options.programs.custom.elm.enable = mkEnableOption "enable elm stack"; options.programs.custom.elm.enable = mkEnableOption "enable elm stack";
config = mkIf cfg.enable { config = mkIf cfg.enable {
environment.systemPackages = with pkgs ; [ environment.systemPackages = with pkgs; [
elmPackages.elm elmPackages.elm
elmPackages.elm-compiler elmPackages.elm-compiler
elmPackages.elm-format elmPackages.elm-format

6
modules/programs/espeak.nix
View file

@ -36,11 +36,12 @@ let
in { in {
options.programs.custom.espeak.enable = mkEnableOption "enable espeak scripts"; options.programs.custom.espeak.enable =
mkEnableOption "enable espeak scripts";
config = mkIf cfg.enable { config = mkIf cfg.enable {
environment.systemPackages = with pkgs ; [ environment.systemPackages = with pkgs; [
espeak espeak
en_espeak en_espeak
en_read en_read
@ -51,4 +52,3 @@ in {
}; };
} }

32
modules/programs/ffmpeg.nix
View file

@ -4,7 +4,8 @@ let
cfg = config.programs.custom.ffmpeg; cfg = config.programs.custom.ffmpeg;
ffmpegTemplate = name: { profile, preset, tune ? null}: ffmpegTemplate = name:
{ profile, preset, tune ? null }:
pkgs.writeShellScriptBin "ffmpeg-${name}" '' pkgs.writeShellScriptBin "ffmpeg-${name}" ''
if [ $# -eq 0 ] if [ $# -eq 0 ]
@ -64,13 +65,15 @@ let
-acodec aac \ -acodec aac \
"$output" \ "$output" \
-hide_banner -hide_banner
''; '';
ffmpegDescriptive = profile: preset: ffmpegDescriptive = profile: preset:
ffmpegTemplate "${profile}-${preset}-720p" { inherit profile preset ; }; ffmpegTemplate "${profile}-${preset}-720p" { inherit profile preset; };
ffmpegDescriptiveTune = profile: preset: tune: ffmpegDescriptiveTune = profile: preset: tune:
ffmpegTemplate "${profile}-${preset}-${tune}-720p" { inherit profile preset tune; }; ffmpegTemplate "${profile}-${preset}-${tune}-720p" {
inherit profile preset tune;
};
# https://en.wikipedia.org/wiki/H.264/MPEG-4_AVC#Profiles # https://en.wikipedia.org/wiki/H.264/MPEG-4_AVC#Profiles
profiles = [ profiles = [
@ -92,21 +95,11 @@ let
#"slower" #"slower"
"veryslow" "veryslow"
]; ];
tunes = [ tunes = [ "film" "animation" "grain" "stillimage" "fastdecode" ];
"film"
"animation"
"grain"
"stillimage"
"fastdecode"
];
ffmpegs = lib.crossLists ffmpegs = lib.crossLists ffmpegDescriptive [ profiles presets ];
ffmpegDescriptive
[ profiles presets ];
ffmpegsTune = lib.crossLists ffmpegsTune = lib.crossLists ffmpegDescriptiveTune [ profiles presets tunes ];
ffmpegDescriptiveTune
[ profiles presets tunes ];
in { in {
@ -114,7 +107,6 @@ in {
enable = mkEnableOption "enable programs.custom.ffmpeg"; enable = mkEnableOption "enable programs.custom.ffmpeg";
}; };
config = mkIf cfg.enable { config =
environment.systemPackages = ffmpegs ++ ffmpegsTune; mkIf cfg.enable { environment.systemPackages = ffmpegs ++ ffmpegsTune; };
};
} }

5
modules/programs/git.nix
View file

@ -8,11 +8,12 @@ let
in { in {
options.programs.custom.git.enable = mkEnableOption "install git and all its tools"; options.programs.custom.git.enable =
mkEnableOption "install git and all its tools";
config = mkIf cfg.enable { config = mkIf cfg.enable {
environment.systemPackages = with pkgs ; [ environment.systemPackages = with pkgs; [
git git
tig tig
git-crypt git-crypt

2
modules/programs/q.nix
View file

@ -27,7 +27,7 @@ in {
config = mkIf cfg.enable { config = mkIf cfg.enable {
environment.systemPackages = [ environment.systemPackages = [
(pkgs.q.override{ (pkgs.q.override {
timeZones = cfg.timeZones; timeZones = cfg.timeZones;
enableIntelBacklight = cfg.enableIntelBacklight; enableIntelBacklight = cfg.enableIntelBacklight;
enableBattery = cfg.enableBattery; enableBattery = cfg.enableBattery;

101
modules/programs/shell-bash.nix
View file

@ -1,6 +1,5 @@
{ config, pkgs, lib, ... }: { config, pkgs, lib, ... }:
let let cfg = config.programs.custom.bash;
cfg = config.programs.custom.bash;
in { in {
options.programs.custom.bash.enable = lib.mkEnableOption "enable bash config"; options.programs.custom.bash.enable = lib.mkEnableOption "enable bash config";
@ -15,64 +14,66 @@ in {
# Configure Shell # Configure Shell
# --------------- # ---------------
interactiveShellInit = /* sh */ '' interactiveShellInit = # sh
# use vi shortcuts ''
# ---------------- # use vi shortcuts
set -o vi # ----------------
set -o vi
# Configure ls-colors # Configure ls-colors
# ------------------- # -------------------
export LS_COLORS='rs=0:di=01;35:ln=01;36:mh=00:pi=40;33:so=01;35:do=01;35:bd=40;33;01:cd=40;33;01:or=01;05;37;41:mi=01;05;37;41:su=37;41:sg=30;43:ca=30;41:tw=30;42:ow=34;42:st=37;44:ex=01;33:*.tar=01;31:*.tgz=01;31:*.arc=01;31:*.arj=01;31:*.taz=01;31:*.lha=01;31:*.lz4=01;31:*.lzh=01;31:*.lzma=01;31:*.tlz=01;31:*.txz=01;31:*.tzo=01;31:*.t7z=01;31:*.zip=01;31:*.z=01;31:*.Z=01;31:*.dz=01;31:*.gz=01;31:*.lrz=01;31:*.lz=01;31:*.lzo=01;31:*.xz=01;31:*.bz2=01;31:*.bz=01;31:*.tbz=01;31:*.tbz2=01;31:*.tz=01;31:*.deb=01;31:*.rpm=01;31:*.jar=01;31:*.war=01;31:*.ear=01;31:*.sar=01;31:*.rar=01;31:*.alz=01;31:*.ace=01;31:*.zoo=01;31:*.cpio=01;31:*.7z=01;31:*.rz=01;31:*.cab=01;31:*.jpg=01;35:*.jpeg=01;35:*.gif=01;35:*.bmp=01;35:*.pbm=01;35:*.pgm=01;35:*.ppm=01;35:*.tga=01;35:*.xbm=01;35:*.xpm=01;35:*.tif=01;35:*.tiff=01;35:*.png=01;35:*.svg=01;35:*.svgz=01;35:*.mng=01;35:*.pcx=01;35:*.mov=01;35:*.mpg=01;35:*.mpeg=01;35:*.m2v=01;35:*.mkv=01;35:*.webm=01;35:*.ogm=01;35:*.mp4=01;35:*.m4v=01;35:*.mp4v=01;35:*.vob=01;35:*.qt=01;35:*.nuv=01;35:*.wmv=01;35:*.asf=01;35:*.rm=01;35:*.rmvb=01;35:*.flc=01;35:*.avi=01;35:*.fli=01;35:*.flv=01;35:*.gl=01;35:*.dl=01;35:*.xcf=01;35:*.xwd=01;35:*.yuv=01;35:*.cgm=01;35:*.emf=01;35:*.ogv=01;35:*.ogx=01;35::*.aac=00;36:*.au=00;36:*.flac=00;36:*.m4a=00;36:*.mid=00;36:*.midi=00;36:*.mka=00;36:*.mp3=00;36:*.mpc=00;36:*.ogg=00;36:*.ra=00;36:*.wav=00;36:*.oga=00;36:*.opus=00;36:*.spx=00;36:*.xspf=00;36:' export LS_COLORS='rs=0:di=01;35:ln=01;36:mh=00:pi=40;33:so=01;35:do=01;35:bd=40;33;01:cd=40;33;01:or=01;05;37;41:mi=01;05;37;41:su=37;41:sg=30;43:ca=30;41:tw=30;42:ow=34;42:st=37;44:ex=01;33:*.tar=01;31:*.tgz=01;31:*.arc=01;31:*.arj=01;31:*.taz=01;31:*.lha=01;31:*.lz4=01;31:*.lzh=01;31:*.lzma=01;31:*.tlz=01;31:*.txz=01;31:*.tzo=01;31:*.t7z=01;31:*.zip=01;31:*.z=01;31:*.Z=01;31:*.dz=01;31:*.gz=01;31:*.lrz=01;31:*.lz=01;31:*.lzo=01;31:*.xz=01;31:*.bz2=01;31:*.bz=01;31:*.tbz=01;31:*.tbz2=01;31:*.tz=01;31:*.deb=01;31:*.rpm=01;31:*.jar=01;31:*.war=01;31:*.ear=01;31:*.sar=01;31:*.rar=01;31:*.alz=01;31:*.ace=01;31:*.zoo=01;31:*.cpio=01;31:*.7z=01;31:*.rz=01;31:*.cab=01;31:*.jpg=01;35:*.jpeg=01;35:*.gif=01;35:*.bmp=01;35:*.pbm=01;35:*.pgm=01;35:*.ppm=01;35:*.tga=01;35:*.xbm=01;35:*.xpm=01;35:*.tif=01;35:*.tiff=01;35:*.png=01;35:*.svg=01;35:*.svgz=01;35:*.mng=01;35:*.pcx=01;35:*.mov=01;35:*.mpg=01;35:*.mpeg=01;35:*.m2v=01;35:*.mkv=01;35:*.webm=01;35:*.ogm=01;35:*.mp4=01;35:*.m4v=01;35:*.mp4v=01;35:*.vob=01;35:*.qt=01;35:*.nuv=01;35:*.wmv=01;35:*.asf=01;35:*.rm=01;35:*.rmvb=01;35:*.flc=01;35:*.avi=01;35:*.fli=01;35:*.flv=01;35:*.gl=01;35:*.dl=01;35:*.xcf=01;35:*.xwd=01;35:*.yuv=01;35:*.cgm=01;35:*.emf=01;35:*.ogv=01;35:*.ogx=01;35::*.aac=00;36:*.au=00;36:*.flac=00;36:*.m4a=00;36:*.mid=00;36:*.midi=00;36:*.mka=00;36:*.mp3=00;36:*.mpc=00;36:*.ogg=00;36:*.ra=00;36:*.wav=00;36:*.oga=00;36:*.opus=00;36:*.spx=00;36:*.xspf=00;36:'
''; '';
# Configure Prompt # Configure Prompt
# ---------------- # ----------------
promptInit = /* sh */ '' promptInit = # sh
# PS1 content functions ''
# --------------------- # PS1 content functions
function nonzero_return() { # ---------------------
RETVAL=$? function nonzero_return() {
[ $RETVAL -ne 0 ] && echo "[> $RETVAL <] " RETVAL=$?
} [ $RETVAL -ne 0 ] && echo "[> $RETVAL <] "
}
# Provide a nice prompt # Provide a nice prompt
# --------------------- # ---------------------
case $TERM in case $TERM in
xterm*|rxvt*|Eterm) xterm*|rxvt*|Eterm)
# used : http://ezprompt.net/ # used : http://ezprompt.net/
USER_COLOR="\[\e[36m\]\u\[\e[m\]\[\e[32m\]@\[\e[m\]\[\e[36m\]\h\[\e[m\]" USER_COLOR="\[\e[36m\]\u\[\e[m\]\[\e[32m\]@\[\e[m\]\[\e[36m\]\h\[\e[m\]"
CURRENT_PATH="\[\e[33m\][\[\e[m\]\[\e[33m\]\w\[\e[m\]\[\e[33m\]]\[\e[m\]" CURRENT_PATH="\[\e[33m\][\[\e[m\]\[\e[33m\]\w\[\e[m\]\[\e[33m\]]\[\e[m\]"
if [[ $UID -eq 0 ]] if [[ $UID -eq 0 ]]
then then
USER_COLOR="\[\e[31m\]\u\[\e[m\]\[\e[32m\]@\[\e[m\]\[\e[31m\]\h\[\e[m\]" USER_COLOR="\[\e[31m\]\u\[\e[m\]\[\e[32m\]@\[\e[m\]\[\e[31m\]\h\[\e[m\]"
fi fi
export PS1="\[\e[31m\]\`nonzero_return\`\[\e[m\]\[\e[35m\]\A\[\e[m\] $USER_COLOR $CURRENT_PATH\[\e[31m\]\\$\[\e[m\] " export PS1="\[\e[31m\]\`nonzero_return\`\[\e[m\]\[\e[35m\]\A\[\e[m\] $USER_COLOR $CURRENT_PATH\[\e[31m\]\\$\[\e[m\] "
;; ;;
screen) screen)
export PS1="\[\e[31m\]\`nonzero_return\`\[\e[m\]\[\e[35m\]\A\[\e[m\] \[\e[36m\]\u\[\e[m\]\[\e[32m\]@\[\e[m\]\[\e[36m\]\h\[\e[m\] \[\e[33m\][\[\e[m\]\[\e[33m\]\W\[\e[m\]\[\e[33m\]]\[\e[m\]\[\e[31m\]\\$\[\e[m\] " export PS1="\[\e[31m\]\`nonzero_return\`\[\e[m\]\[\e[35m\]\A\[\e[m\] \[\e[36m\]\u\[\e[m\]\[\e[32m\]@\[\e[m\]\[\e[36m\]\h\[\e[m\] \[\e[33m\][\[\e[m\]\[\e[33m\]\W\[\e[m\]\[\e[33m\]]\[\e[m\]\[\e[31m\]\\$\[\e[m\] "
;; ;;
esac esac
''; '';
# Shell Aliases # Shell Aliases
# ------------- # -------------
shellAliases = { shellAliases = {
ls = "ls --color=tty"; ls = "ls --color=tty";
l = "ls -CFh"; l = "ls -CFh";
la = "ls -Ah"; la = "ls -Ah";
ll = "ls -lh" ; ll = "ls -lh";
lt = "ls -lct --reverse"; lt = "ls -lct --reverse";
less = "less -S"; less = "less -S";
top = "htop"; top = "htop";
todo = "task todo"; todo = "task todo";
active = "task active"; active = "task active";
version = "date '+%Y%m%d%H%M%S'"; version = "date '+%Y%m%d%H%M%S'";
vclip = "xclip -selection clipboard"; vclip = "xclip -selection clipboard";
df = "df -h"; df = "df -h";
nix-search = "nix-env -qaP"; nix-search = "nix-env -qaP";
nix-list = "nix-env -qaP \"*\" --description"; nix-list = ''nix-env -qaP "*" --description'';
nix-list-haskell = "nix-env -f \"<nixpkgs>\" -qaP -A haskellPackages"; nix-list-haskell = ''nix-env -f "<nixpkgs>" -qaP -A haskellPackages'';
nix-show-garbadge-roots = "ls -lh /nix/var/nix/gcroots/auto/"; nix-show-garbadge-roots = "ls -lh /nix/var/nix/gcroots/auto/";
@ -83,5 +84,3 @@ in {
}; };
} }

47
modules/programs/shell-tools.nix
View file

@ -5,39 +5,38 @@ with lib;
let let
xterm-colors = pkgs.writeShellScriptBin "256-xterm-colors" xterm-colors = pkgs.writeShellScriptBin "256-xterm-colors"
/* sh */ '' # sh
for i in {0..255} ; do ''
printf "\x1b[38;5;%sm%3d\e[0m " "$i" "$i" for i in {0..255} ; do
if (( i == 15 )) || (( i > 15 )) && (( (i-15) % 6 == 0 )); then printf "\x1b[38;5;%sm%3d\e[0m " "$i" "$i"
printf "\n"; if (( i == 15 )) || (( i > 15 )) && (( (i-15) % 6 == 0 )); then
fi printf "\n";
done fi
''; done
'';
xterm-background-colors = pkgs.writeShellScriptBin "256-xterm-colors-background"
/* sh */ ''
for i in {0..255} ; do
printf "\x1b[48;5;%sm%3d\e[0m " "$i" "$i"
if (( i == 15 )) || (( i > 15 )) && (( (i-15) % 6 == 0 )); then
printf "\n";
fi
done
'';
xterm-background-colors = pkgs.writeShellScriptBin
"256-xterm-colors-background"
# sh
''
for i in {0..255} ; do
printf "\x1b[48;5;%sm%3d\e[0m " "$i" "$i"
if (( i == 15 )) || (( i > 15 )) && (( (i-15) % 6 == 0 )); then
printf "\n";
fi
done
'';
cfg = config.programs.custom.shellTools; cfg = config.programs.custom.shellTools;
in { in {
options.programs.custom.shellTools.enable = mkEnableOption "enable shell tools"; options.programs.custom.shellTools.enable =
mkEnableOption "enable shell tools";
config = mkIf cfg.enable { config = mkIf cfg.enable {
environment.systemPackages = [ environment.systemPackages = [ xterm-colors xterm-background-colors ];
xterm-colors
xterm-background-colors
];
}; };
} }

168
modules/programs/shell-zsh.nix
View file

@ -12,7 +12,7 @@ in {
enable = mkEnableOption "enable zsh"; enable = mkEnableOption "enable zsh";
mainUser = mkOption { mainUser = mkOption {
type = with types; nullOr str; type = with types; nullOr str;
default = null; default = null;
description = '' description = ''
the main User if available the main User if available
@ -25,8 +25,8 @@ in {
programs.zsh = { programs.zsh = {
enable = true; enable = true;
enableCompletion = true; enableCompletion = true;
#autosuggestions.enable = true; #autosuggestions.enable = true;
syntaxHighlighting.enable = true; syntaxHighlighting.enable = true;
@ -56,26 +56,26 @@ in {
export TERM="xterm-256color" export TERM="xterm-256color"
''; '';
shellAliases = { shellAliases = {
ls = "ls --color=tty"; ls = "ls --color=tty";
l = "ls -CFh"; l = "ls -CFh";
la = "ls -Ah"; la = "ls -Ah";
ll = "ls -lh" ; ll = "ls -lh";
lt = "ls -lct --reverse"; lt = "ls -lct --reverse";
less = "less -S"; less = "less -S";
top = "htop"; top = "htop";
todo = "task todo"; todo = "task todo";
active = "task active"; active = "task active";
version = "date '+%Y%m%d%H%M%S'"; version = "date '+%Y%m%d%H%M%S'";
vclip = "xclip -selection clipboard"; vclip = "xclip -selection clipboard";
df = "df -h"; df = "df -h";
timestamp = "date +%Y%m%d%H%M%S"; timestamp = "date +%Y%m%d%H%M%S";
nix-search = "nix-env -qaP"; nix-search = "nix-env -qaP";
nix-list = "nix-env -qaP \"*\" --description"; nix-list = ''nix-env -qaP "*" --description'';
nix-list-haskell = "nix-env -f \"<nixpkgs>\" -qaP -A haskellPackages"; nix-list-haskell = ''nix-env -f "<nixpkgs>" -qaP -A haskellPackages'';
nix-list-node = "nix-env -f \"<nixpkgs>\" -qaP -A nodePackages"; nix-list-node = ''nix-env -f "<nixpkgs>" -qaP -A nodePackages'';
nix-list-beam = "nix-env -f \"<nixpkgs>\" -qaP -A beamPackages"; nix-list-beam = ''nix-env -f "<nixpkgs>" -qaP -A beamPackages'';
# nix-find = "clear ; ${pkgs.nix-index}/bin/nix-locate -1 -w"; # nix-find = "clear ; ${pkgs.nix-index}/bin/nix-locate -1 -w";
nix-show-garbadge-roots = "ls -lh /nix/var/nix/gcroots/auto/"; nix-show-garbadge-roots = "ls -lh /nix/var/nix/gcroots/auto/";
@ -90,90 +90,88 @@ in {
# only used to make quick config changes # only used to make quick config changes
# -------------------------------------- # --------------------------------------
environment.etc."zshcustom/mainuser.zsh".source = environment.etc."zshcustom/mainuser.zsh".source =
pkgs.writeText "mainuser-zsh" ( pkgs.writeText "mainuser-zsh" (if (cfg.mainUser != null) then ''
if ( cfg.mainUser != null ) source ${config.users.users.mainUser.home}/.zshrc
then '' else
'' "# programs.custom.zsh.mainUser not set ");
source ${config.users.users.mainUser.home}/.zshrc
''
else '' # programs.custom.zsh.mainUser not set '' );
# Theme # Theme
# ----- # -----
# make sure powerline-fonts is set in `fonts.fonts` # make sure powerline-fonts is set in `fonts.fonts`
environment.etc."zshcustom/themes/powerlevel9k".source = pkgs.fetchFromGitHub { environment.etc."zshcustom/themes/powerlevel9k".source =
owner = "bhilburn"; pkgs.fetchFromGitHub {
repo = "powerlevel9k"; owner = "bhilburn";
rev = "v0.6.4"; repo = "powerlevel9k";
sha256 = "104wvlni3rilpw9v1dk848lnw8cm8qxl64xs70j04ly4s959dyb5"; rev = "v0.6.4";
}; sha256 = "104wvlni3rilpw9v1dk848lnw8cm8qxl64xs70j04ly4s959dyb5";
environment.etc."zshcustom/powerlevel9kpatch.zsh".source = pkgs.writeText "powerlevel9kpatch.zsh" '' };
environment.etc."zshcustom/powerlevel9kpatch.zsh".source =
pkgs.writeText "powerlevel9kpatch.zsh" ''
# this shows all the colors which are available # this shows all the colors which are available
# --------------------------------------------- # ---------------------------------------------
# for code ({000..255}) print -P -- "$code: %F{$code}This is how your text would look like%f" # for code ({000..255}) print -P -- "$code: %F{$code}This is how your text would look like%f"
# prompt elements # prompt elements
# --------------- # ---------------
POWERLEVEL9K_LEFT_PROMPT_ELEMENTS=(vi_mode context dir vcs custom_jail background_jobs time status) POWERLEVEL9K_LEFT_PROMPT_ELEMENTS=(vi_mode context dir vcs custom_jail background_jobs time status)
POWERLEVEL9K_RIGHT_PROMPT_ELEMENTS=() POWERLEVEL9K_RIGHT_PROMPT_ELEMENTS=()
# vi mode # vi mode
# ------- # -------
POWERLEVEL9K_VI_MODE_INSERT_FOREGROUND="black" POWERLEVEL9K_VI_MODE_INSERT_FOREGROUND="black"
POWERLEVEL9K_VI_MODE_INSERT_BACKGROUND="blue" POWERLEVEL9K_VI_MODE_INSERT_BACKGROUND="blue"
POWERLEVEL9K_VI_MODE_NORMAL_FOREGROUND="black" POWERLEVEL9K_VI_MODE_NORMAL_FOREGROUND="black"
POWERLEVEL9K_VI_MODE_NORMAL_BACKGROUND="yellow" POWERLEVEL9K_VI_MODE_NORMAL_BACKGROUND="yellow"
# context # context
# ------- # -------
POWERLEVEL9K_CONTEXT_DEFAULT_FOREGROUND="green" POWERLEVEL9K_CONTEXT_DEFAULT_FOREGROUND="green"
POWERLEVEL9K_CONTEXT_DEFAULT_BACKGROUND="008" POWERLEVEL9K_CONTEXT_DEFAULT_BACKGROUND="008"
POWERLEVEL9K_CONTEXT_ROOT_FOREGROUND="008" POWERLEVEL9K_CONTEXT_ROOT_FOREGROUND="008"
POWERLEVEL9K_CONTEXT_ROOT_BACKGROUND="red" POWERLEVEL9K_CONTEXT_ROOT_BACKGROUND="red"
POWERLEVEL9K_CONTEXT_REMOTE_FOREGROUND="008" POWERLEVEL9K_CONTEXT_REMOTE_FOREGROUND="008"
POWERLEVEL9K_CONTEXT_REMOTE_BACKGROUND="red" POWERLEVEL9K_CONTEXT_REMOTE_BACKGROUND="red"
# dir # dir
# --- # ---
POWERLEVEL9K_DIR_HOME_FOREGROUND="black" POWERLEVEL9K_DIR_HOME_FOREGROUND="black"
POWERLEVEL9K_DIR_HOME_BACKGROUND="yellow" POWERLEVEL9K_DIR_HOME_BACKGROUND="yellow"
POWERLEVEL9K_DIR_HOME_SUBFOLDER_FOREGROUND="black" POWERLEVEL9K_DIR_HOME_SUBFOLDER_FOREGROUND="black"
POWERLEVEL9K_DIR_HOME_SUBFOLDER_BACKGROUND="yellow" POWERLEVEL9K_DIR_HOME_SUBFOLDER_BACKGROUND="yellow"
POWERLEVEL9K_DIR_DEFAULT_FOREGROUND="black" POWERLEVEL9K_DIR_DEFAULT_FOREGROUND="black"
POWERLEVEL9K_DIR_DEFAULT_BACKGROUND="green" POWERLEVEL9K_DIR_DEFAULT_BACKGROUND="green"
# root_indicator # root_indicator
# -------------- # --------------
POWERLEVEL9K_ROOT_ICON="#" POWERLEVEL9K_ROOT_ICON="#"
POWERLEVEL9K_ROOT_INDICATOR_FOREGROUND="black" POWERLEVEL9K_ROOT_INDICATOR_FOREGROUND="black"
POWERLEVEL9K_ROOT_INDICATOR_BACKGROUND="red" POWERLEVEL9K_ROOT_INDICATOR_BACKGROUND="red"
# background_jobs # background_jobs
# --------------- # ---------------
POWERLEVEL9K_BACKGROUND_JOBS_ICON="" POWERLEVEL9K_BACKGROUND_JOBS_ICON=""
# status # status
# ------ # ------
POWERLEVEL9K_STATUS_OK_BACKGROUND="008" POWERLEVEL9K_STATUS_OK_BACKGROUND="008"
POWERLEVEL9K_STATUS_ERROR_BACKGROUND="008" POWERLEVEL9K_STATUS_ERROR_BACKGROUND="008"
# time # time
# ---- # ----
POWERLEVEL9K_TIME_FOREGROUND="008" POWERLEVEL9K_TIME_FOREGROUND="008"
POWERLEVEL9K_TIME_BACKGROUND="006" POWERLEVEL9K_TIME_BACKGROUND="006"
# jail indicator # jail indicator
# -------------- # --------------
POWERLEVEL9K_CUSTOM_JAIL="[ -z $JAIL ] || echo $JAIL" POWERLEVEL9K_CUSTOM_JAIL="[ -z $JAIL ] || echo $JAIL"
POWERLEVEL9K_CUSTOM_JAIL_BACKGROUND="red" POWERLEVEL9K_CUSTOM_JAIL_BACKGROUND="red"
POWERLEVEL9K_CUSTOM_JAIL_FOREGROUND="black" POWERLEVEL9K_CUSTOM_JAIL_FOREGROUND="black"
''; '';
}; };
} }

145
modules/programs/slack.nix
View file

@ -14,72 +14,64 @@ let
# --------------------------- # ---------------------------
command = "${pkgs.slack}/bin/slack"; command = "${pkgs.slack}/bin/slack";
desktopFile = desktopFile = let
let name = program;
name = program; comment = "Chat Programm";
comment = "Chat Programm"; in pkgs.writeTextFile {
in name = "${name}.desktop";
pkgs.writeTextFile { destination = "/share/applications/${name}.desktop";
name = "${name}.desktop" ; text = ''
destination = "/share/applications/${name}.desktop"; [Desktop Entry]
text = '' Categories=Application;Utility;
[Desktop Entry] Comment=${comment}
Categories=Application;Utility; Encoding=UTF-8
Comment=${comment} Exec=${bin}/bin/${name}
Encoding=UTF-8 Icon=gnome-lockscreen
Exec=${bin}/bin/${name} Name=${name}
Icon=gnome-lockscreen Terminal=false
Name=${name} Type=Application
Terminal=false '';
Type=Application };
'';
};
# the script # the script
# ---------- # ----------
bin = bin = let
let backupFile = "${cfg.homeBackup}.tar.lzma";
backupFile = "${cfg.homeBackup}.tar.lzma"; rolloutFile = "${cfg.home}.tar.lzma";
rolloutFile = "${cfg.home}.tar.lzma"; lockFile = "${cfg.home}-lock";
lockFile = "${cfg.home}-lock"; in pkgs.writeShellScriptBin "${program}" ''
in # set -x
pkgs.writeShellScriptBin "${program}" '' if [[ ! -e ${lockFile} ]]
# set -x then
if [[ ! -e ${lockFile} ]] # rollout backup
then if [[ -e ${backupFile} ]]
# rollout backup then
if [[ -e ${backupFile} ]] cp ${backupFile} ${rolloutFile}
then sudo -u ${program} ${tarBin} xf ${rolloutFile} --directory ${cfg.home}
cp ${backupFile} ${rolloutFile} rm ${rolloutFile}
sudo -u ${program} ${tarBin} xf ${rolloutFile} --directory ${cfg.home} touch ${lockFile}
rm ${rolloutFile} fi
touch ${lockFile} fi
fi
fi
sudo -u ${program} ${command} sudo -u ${program} ${command}
''; '';
backupScript = pkgs.writeShellScriptBin "${program}-backup" ''
sudo -u ${program} \
${tarBin} \
--exclude=.cache \
--exclude=".config/**/*Cache*" \
--exclude-cache-all \
--exclude=Downloads \
--create \
--verbos \
--lzma \
--file ${cfg.home}.tar.lzma \
--directory ${cfg.home} \
.
cp ${cfg.home}.tar.lzma ${cfg.homeBackup}.tar.lzma
backupScript = '';
pkgs.writeShellScriptBin "${program}-backup" ''
sudo -u ${program} \
${tarBin} \
--exclude=.cache \
--exclude=".config/**/*Cache*" \
--exclude-cache-all \
--exclude=Downloads \
--create \
--verbos \
--lzma \
--file ${cfg.home}.tar.lzma \
--directory ${cfg.home} \
.
cp ${cfg.home}.tar.lzma ${cfg.homeBackup}.tar.lzma
'';
cfg = config.programs.custom.slack; cfg = config.programs.custom.slack;
@ -89,7 +81,7 @@ in {
enable = mkEnableOption "install slack"; enable = mkEnableOption "install slack";
homeBackup = mkOption { homeBackup = mkOption {
type = with types; nullOr string; type = with types; nullOr string;
description = '' description = ''
folder where to backup folder where to backup
''; '';
@ -97,7 +89,7 @@ in {
# todo : make sure the folder /home/sudoers belongs to mainUser # todo : make sure the folder /home/sudoers belongs to mainUser
home = mkOption { home = mkOption {
type = with types; string; type = with types; string;
default = "/home/sudoers/slack"; default = "/home/sudoers/slack";
description = '' description = ''
home folder of this home folder of this
@ -108,28 +100,23 @@ in {
config = mkIf cfg.enable { config = mkIf cfg.enable {
security.sudo.extraConfig = security.sudo.extraConfig = ''
'' ${config.users.users.mainUser.name} ALL=(${program}) NOPASSWD: ALL
${config.users.users.mainUser.name} ALL=(${program}) NOPASSWD: ALL '';
'';
# create users # create users
users.users."${program}" = { users.users."${program}" = {
home = cfg.home; home = cfg.home;
createHome = true; createHome = true;
# initialPassword = "${program}"; # initialPassword = "${program}";
shell = pkgs.bashInteractive; shell = pkgs.bashInteractive;
isNormalUser = true; isNormalUser = true;
group = "users"; group = "users";
# enable video usage # enable video usage
extraGroups = [ "video" "audio" ]; extraGroups = [ "video" "audio" ];
}; };
environment.systemPackages = [ environment.systemPackages = [ bin backupScript desktopFile ];
bin
backupScript
desktopFile
];
}; };
} }

6
modules/programs/steam.nix
View file

@ -29,9 +29,9 @@ in {
users.users.steam = { users.users.steam = {
isNormalUser = true; isNormalUser = true;
home = "/home/steam"; home = "/home/steam";
createHome = true; createHome = true;
extraGroups = [ "audio" "input" "video" ]; extraGroups = [ "audio" "input" "video" ];
}; };
# for steam # for steam

25
modules/programs/taskwarrior.nix
View file

@ -6,21 +6,24 @@ let
cfg = config.programs.custom.taskwarrior; cfg = config.programs.custom.taskwarrior;
taskNextWeek = pkgs.writeShellScriptBin "taskweek" /* sh */ '' taskNextWeek = pkgs.writeShellScriptBin "taskweek" # sh
${pkgs.taskwarrior}/bin/task \ ''
export \ ${pkgs.taskwarrior}/bin/task \
status:pending and \( due.before:6days \) \ export \
| ${pkgs.jq}/bin/jq '[.[] | { Day: .due, ID: .id, Description: .description } ] | sort_by(.Day)' \ status:pending and \( due.before:6days \) \
| ${pkgs.miller}/bin/mlr --ijson --opprint put "\$Day = strftime(strptime(\$Day,\"%Y%m%dT%H%M%SZ\")$(date +%z)00,\"%A\")" | ${pkgs.jq}/bin/jq '[.[] | { Day: .due, ID: .id, Description: .description } ] | sort_by(.Day)' \
''; | ${pkgs.miller}/bin/mlr --ijson --opprint put "\$Day = strftime(strptime(\$Day,\"%Y%m%dT%H%M%SZ\")$(date +%z)00,\"%A\")"
'';
tsak = pkgs.writeShellScriptBin "tsak" /* sh */ '' tsak = pkgs.writeShellScriptBin "tsak" # sh
${pkgs.taskwarrior}/bin/task "$@" ''
''; ${pkgs.taskwarrior}/bin/task "$@"
'';
in { in {
options.programs.custom.taskwarrior.enable = mkEnableOption "Enable Taskwarrior services"; options.programs.custom.taskwarrior.enable =
mkEnableOption "Enable Taskwarrior services";
config = mkIf cfg.enable { config = mkIf cfg.enable {

89
modules/programs/urxvt.nix
View file

@ -13,15 +13,15 @@ in {
enable = mkEnableOption "configure and enable urxvt"; enable = mkEnableOption "configure and enable urxvt";
fontSize = mkOption { fontSize = mkOption {
type = types.int; type = types.int;
default = 17; default = 17;
description = '' description = ''
size of the terminal font size of the terminal font
''; '';
}; };
colorTheme = mkOption { colorTheme = mkOption {
type = types.enum[ "dark" "light" ]; type = types.enum [ "dark" "light" ];
default = "dark"; default = "dark";
description = '' description = ''
solarized color theme solarized color theme
@ -64,31 +64,44 @@ in {
''; '';
"X11/Xresource.d/urxvt-font".source = let "X11/Xresource.d/urxvt-font".source = let
fontFamily = "terminus"; fontFamily = "terminus";
normalFont = fontSize: "-*-${fontFamily}-medium-*-*-*-${toString fontSize}-*-*-*-*-*-*-*"; normalFont = fontSize:
boldFont = fontSize: "-*-${fontFamily}-bold-*-*-*-${toString fontSize}-*-*-*-*-*-*-*"; "-*-${fontFamily}-medium-*-*-*-${toString fontSize}-*-*-*-*-*-*-*";
italicFont = normalFont; boldFont = fontSize:
itallicBoldFont = boldFont; "-*-${fontFamily}-bold-*-*-*-${toString fontSize}-*-*-*-*-*-*-*";
backupFont = fontSize: "xft:TerminessTTF Nerd Font:pixelsize=${toString fontSize}"; italicFont = normalFont;
itallicBoldFont = boldFont;
backupFont = fontSize:
"xft:TerminessTTF Nerd Font:pixelsize=${toString fontSize}";
fontCommand = key: fontSize: '' fontCommand = key: fontSize: ''
URxvt.keysym.M-${key}: command:\033]710;${normalFont fontSize},${backupFont fontSize}\007\033]711;${boldFont fontSize},${backupFont fontSize}\007 URxvt.keysym.M-${key}: command:\033]710;${normalFont fontSize},${
''; backupFont fontSize
}\007\033]711;${boldFont fontSize},${backupFont fontSize}\007
'';
in pkgs.writeText "Xresource-urxvt-font" '' in pkgs.writeText "Xresource-urxvt-font" ''
URxvt.allow_bold: true URxvt.allow_bold: true
URxvt.xftAntialias: true URxvt.xftAntialias: true
!! use xfontsel or fontmatrix to choose line !! use xfontsel or fontmatrix to choose line
!URxvt.font: ${normalFont cfg.fontSize},${backupFont cfg.fontSize} !URxvt.font: ${normalFont cfg.fontSize},${
!URxvt.boldFont: ${boldFont cfg.fontSize},${backupFont cfg.fontSize} backupFont cfg.fontSize
!URxvt.italicFont: ${italicFont cfg.fontSize},${backupFont cfg.fontSize} }
!URxvt.bolditalicFont: ${itallicBoldFont cfg.fontSize},${backupFont cfg.fontSize} !URxvt.boldFont: ${boldFont cfg.fontSize},${
backupFont cfg.fontSize
}
!URxvt.italicFont: ${italicFont cfg.fontSize},${
backupFont cfg.fontSize
}
!URxvt.bolditalicFont: ${itallicBoldFont cfg.fontSize},${
backupFont cfg.fontSize
}
URxvt.font: ${normalFont cfg.fontSize} URxvt.font: ${normalFont cfg.fontSize}
URxvt.boldFont: ${boldFont cfg.fontSize} URxvt.boldFont: ${boldFont cfg.fontSize}
URxvt.italicFont: ${italicFont cfg.fontSize} URxvt.italicFont: ${italicFont cfg.fontSize}
URxvt.bolditalicFont: ${itallicBoldFont cfg.fontSize} URxvt.bolditalicFont: ${itallicBoldFont cfg.fontSize}
${fontCommand "F1" cfg.fontSize} ${fontCommand "F1" cfg.fontSize}
@ -97,26 +110,25 @@ in {
${fontCommand "F4" (cfg.fontSize + 20)} ${fontCommand "F4" (cfg.fontSize + 20)}
''; '';
"X11/Xresource.d/urxvt-colors".source = "X11/Xresource.d/urxvt-colors".source = let
let
colorTheme = if (cfg.colorTheme == "dark") then '' colorTheme = if (cfg.colorTheme == "dark") then ''
#define S_base03 #002b36 #define S_base03 #002b36
#define S_base02 #073642 #define S_base02 #073642
#define S_base01 #586e75 #define S_base01 #586e75
#define S_base00 #657b83 #define S_base00 #657b83
#define S_base0 #839496 #define S_base0 #839496
#define S_base1 #93a1a1 #define S_base1 #93a1a1
#define S_base2 #eee8d5 #define S_base2 #eee8d5
#define S_base3 #fdf6e3 #define S_base3 #fdf6e3
'' else '' '' else ''
#define S_base03 #fdf6e3 #define S_base03 #fdf6e3
#define S_base02 #eee8d5 #define S_base02 #eee8d5
#define S_base01 #93a1a1 #define S_base01 #93a1a1
#define S_base00 #839496 #define S_base00 #839496
#define S_base0 #657b83 #define S_base0 #657b83
#define S_base1 #586e75 #define S_base1 #586e75
#define S_base2 #073642 #define S_base2 #073642
#define S_base3 #002b36 #define S_base3 #002b36
''; '';
in pkgs.writeText "Xresource-urxvt-colors" '' in pkgs.writeText "Xresource-urxvt-colors" ''
@ -166,4 +178,3 @@ in {
}; };
} }

555
modules/programs/vim.nix
View file

@ -5,313 +5,314 @@ let
cfg = config.programs.custom.vim; cfg = config.programs.custom.vim;
nix-xptemplates = pkgs.writeTextFile { nix-xptemplates = pkgs.writeTextFile {
name = "nix-xptemplates"; name = "nix-xptemplates";
destination = "/ftplugin/nix/nix.xpt.vim"; destination = "/ftplugin/nix/nix.xpt.vim";
text = /* vim */ '' text = # vim
XPTemplate priority=personal ''
XPTemplate priority=personal
XPT option " tips XPT option " tips
`name^ = mkOption { `name^ = mkOption {
type = with types; `type^; type = with types; `type^;
description = ${"''"} description = ${"''"}
`cursor^ `cursor^
${"''"}; ${"''"};
}; };
XPT package " tips XPT package " tips
{ config, lib, ... }: { config, lib, ... }:
{ {
`cursor^ `cursor^
} }
XPT terranix" tips XPT terranix" tips
{ config, lib, pkgs, ... }: { config, lib, pkgs, ... }:
with lib; with lib;
let let
cfg = config.`name^; cfg = config.`name^;
in { in {
options.`name^ = mkOption { options.`name^ = mkOption {
default = {}; default = {};
type = with types; attrsOf (submodule ({ name, ... }:{ type = with types; attrsOf (submodule ({ name, ... }:{
options = { options = {
enable = mkEnableOption "`name^.name"; enable = mkEnableOption "`name^.name";
}; };
})); }));
};
config =
let
allConfigs = cfg
in
mkIf (cfg != {} ){
`cursor^
};
}
XPT module " tips
{ config, lib, pkgs, ... }:
with lib;
let
cfg = config.`name^;
in {
options.`name^ = {
enable = mkEnableOption "enable `name^";
};
config = mkIf cfg.enable {
`cursor^
};
}
XPT shell " tips
{ pkgs ? import <nixpkgs> {} }:
pkgs.mkShell {
# needed pkgs
# -----------
buildInputs = with pkgs; [
`name^
];
# run this on start
# -----------------
shellHook = ${"''"}
HISTFILE=${"$"}{toString ./.}/.history
${"''"};
}
XPT fhsUser " tips
{ pkgs ? import <nixpkgs> {} }:
(pkgs.buildFHSUserEnv {
name = "fhs-user-env";
targetPkgs = pkgs: with pkgs; [
# core stuff
# ----------
vim silver-searcher curl coreutils git tig
# common X dependencies
# ---------------------
atk cairo dbus eudev expat fontconfig freetype gdk_pixbuf glib gnome3.GConf gtk2-x11
mesa_glu nspr nss pango xlibs.libXScrnSaver xlibs.libXcomposite xlibs.libXcursor
xlibs.libXdamage xlibs.libXfixes xlibs.libXi xlibs.libXrender xlibs.libXtst xorg.libX11
xorg.libXext xorg.libXinerama xorg.libxcb
liblo zlib fftw minixml libcxx alsaLib glibc
# new stuff
# ---------
`cursor^
];
# multilib packages
# -----------------
# these are packages compiled 32bit and 64bit
multiPkgs = pkgs: with pkgs; [
];
# environment variables
# ---------------------
profile = ${"''"}
export TERM="xterm"
${"''"};
}).env
'';
}; };
config =
let
allConfigs = cfg
in
mkIf (cfg != {} ){
`cursor^
};
}
XPT module " tips
{ config, lib, pkgs, ... }:
with lib;
let
cfg = config.`name^;
in {
options.`name^ = {
enable = mkEnableOption "enable `name^";
};
config = mkIf cfg.enable {
`cursor^
};
}
XPT shell " tips
{ pkgs ? import <nixpkgs> {} }:
pkgs.mkShell {
# needed pkgs
# -----------
buildInputs = with pkgs; [
`name^
];
# run this on start
# -----------------
shellHook = ${"''"}
HISTFILE=${"$"}{toString ./.}/.history
${"''"};
}
XPT fhsUser " tips
{ pkgs ? import <nixpkgs> {} }:
(pkgs.buildFHSUserEnv {
name = "fhs-user-env";
targetPkgs = pkgs: with pkgs; [
# core stuff
# ----------
vim silver-searcher curl coreutils git tig
# common X dependencies
# ---------------------
atk cairo dbus eudev expat fontconfig freetype gdk_pixbuf glib gnome3.GConf gtk2-x11
mesa_glu nspr nss pango xlibs.libXScrnSaver xlibs.libXcomposite xlibs.libXcursor
xlibs.libXdamage xlibs.libXfixes xlibs.libXi xlibs.libXrender xlibs.libXtst xorg.libX11
xorg.libXext xorg.libXinerama xorg.libxcb
liblo zlib fftw minixml libcxx alsaLib glibc
# new stuff
# ---------
`cursor^
];
# multilib packages
# -----------------
# these are packages compiled 32bit and 64bit
multiPkgs = pkgs: with pkgs; [
];
# environment variables
# ---------------------
profile = ${"''"}
export TERM="xterm"
${"''"};
}).env
'';
};
vim-tv-plugin = with lib; vim-tv-plugin = with lib;
((rtp: rtp // { inherit rtp; }) (pkgs.write "vim-tv" { ((rtp: rtp // { inherit rtp; }) (pkgs.write "vim-tv" {
"/syntax/haskell.vim".text = /* vim */ '' "/syntax/haskell.vim".text = # vim
syn region String start=+\[[[:alnum:]]*|+ end=+|]+ ''
syn region String start=+\[[[:alnum:]]*|+ end=+|]+
hi link ConId Identifier hi link ConId Identifier
hi link VarId Identifier hi link VarId Identifier
hi link hsDelimiter Delimiter hi link hsDelimiter Delimiter
''; '';
"/syntax/nix.vim".text = /* vim */ '' "/syntax/nix.vim".text = # vim
"" Quit when a (custom) syntax file was already loaded ''
"if exists("b:current_syntax") "" Quit when a (custom) syntax file was already loaded
" finish "if exists("b:current_syntax")
"endif " finish
"endif
"setf nix "setf nix
" Ref <nix/src/libexpr/lexer.l> " Ref <nix/src/libexpr/lexer.l>
syn match NixID /[a-zA-Z\_][a-zA-Z0-9\_\'\-]*/ syn match NixID /[a-zA-Z\_][a-zA-Z0-9\_\'\-]*/
syn match NixINT /\<[0-9]\+\>/ syn match NixINT /\<[0-9]\+\>/
syn match NixPATH /[a-zA-Z0-9\.\_\-\+]*\(\/[a-zA-Z0-9\.\_\-\+]\+\)\+/ syn match NixPATH /[a-zA-Z0-9\.\_\-\+]*\(\/[a-zA-Z0-9\.\_\-\+]\+\)\+/
syn match NixHPATH /\~\(\/[a-zA-Z0-9\.\_\-\+]\+\)\+/ syn match NixHPATH /\~\(\/[a-zA-Z0-9\.\_\-\+]\+\)\+/
syn match NixSPATH /<[a-zA-Z0-9\.\_\-\+]\+\(\/[a-zA-Z0-9\.\_\-\+]\+\)*>/ syn match NixSPATH /<[a-zA-Z0-9\.\_\-\+]\+\(\/[a-zA-Z0-9\.\_\-\+]\+\)*>/
syn match NixURI /[a-zA-Z][a-zA-Z0-9\+\-\.]*:[a-zA-Z0-9\%\/\?\:\@\&\=\+\$\,\-\_\.\!\~\*\']\+/ syn match NixURI /[a-zA-Z][a-zA-Z0-9\+\-\.]*:[a-zA-Z0-9\%\/\?\:\@\&\=\+\$\,\-\_\.\!\~\*\']\+/
syn region NixSTRING syn region NixSTRING
\ matchgroup=NixSTRING
\ start='"'
\ skip='\\"'
\ end='"'
syn region NixIND_STRING
\ matchgroup=NixIND_STRING
\ start="'''"
\ skip="'''\('\|[$]\|\\[nrt]\)"
\ end="'''"
syn match NixOther /[-!+&<>|():/;=.,?\[\]*@]/
syn match NixCommentMatch /\(^\|\s\)#.*/
syn region NixCommentRegion start="/\*" end="\*/"
hi link NixCode Statement
hi link NixData Constant
hi link NixComment Comment
hi link NixCommentMatch NixComment
hi link NixCommentRegion NixComment
hi link NixID NixCode
hi link NixINT NixData
hi link NixPATH NixData
hi link NixHPATH NixData
hi link NixSPATH NixData
hi link NixURI NixData
hi link NixSTRING NixData
hi link NixIND_STRING NixData
hi link NixEnter NixCode
hi link NixOther NixCode
hi link NixQuote NixData
syn cluster nix_has_dollar_curly contains=@nix_ind_strings,@nix_strings
syn cluster nix_ind_strings contains=NixIND_STRING
syn cluster nix_strings contains=NixSTRING
${concatStringsSep "\n" (mapAttrsToList (name: {
extraStart ? null,
lang ? name
}:
let
startAlts = filter isString [
''/\* ${name} \*/''
extraStart
];
sigil = ''\(${concatStringsSep ''\|'' startAlts}\)[ \t\r\n]*'';
in /* vim */ ''
syn include @nix_${lang}_syntax syntax/${lang}.vim
if exists("b:current_syntax")
unlet b:current_syntax
endif
syn match nix_${lang}_sigil
\ X${replaceStrings ["X"] ["\\X"] sigil}\ze\('''\|"\)X
\ nextgroup=nix_${lang}_region_IND_STRING,nix_${lang}_region_STRING
\ transparent
syn region nix_${lang}_region_STRING
\ matchgroup=NixSTRING \ matchgroup=NixSTRING
\ start='"' \ start='"'
\ skip='\\"' \ skip='\\"'
\ end='"' \ end='"'
\ contained syn region NixIND_STRING
\ contains=@nix_${lang}_syntax
\ transparent
syn region nix_${lang}_region_IND_STRING
\ matchgroup=NixIND_STRING \ matchgroup=NixIND_STRING
\ start="'''" \ start="'''"
\ skip="'''\('\|[$]\|\\[nrt]\)" \ skip="'''\('\|[$]\|\\[nrt]\)"
\ end="'''" \ end="'''"
\ contained
\ contains=@nix_${lang}_syntax syn match NixOther /[-!+&<>|():/;=.,?\[\]*@]/
syn match NixCommentMatch /\(^\|\s\)#.*/
syn region NixCommentRegion start="/\*" end="\*/"
hi link NixCode Statement
hi link NixData Constant
hi link NixComment Comment
hi link NixCommentMatch NixComment
hi link NixCommentRegion NixComment
hi link NixID NixCode
hi link NixINT NixData
hi link NixPATH NixData
hi link NixHPATH NixData
hi link NixSPATH NixData
hi link NixURI NixData
hi link NixSTRING NixData
hi link NixIND_STRING NixData
hi link NixEnter NixCode
hi link NixOther NixCode
hi link NixQuote NixData
syn cluster nix_has_dollar_curly contains=@nix_ind_strings,@nix_strings
syn cluster nix_ind_strings contains=NixIND_STRING
syn cluster nix_strings contains=NixSTRING
${concatStringsSep "\n" (mapAttrsToList (name:
{ extraStart ? null, lang ? name }:
let
startAlts = filter isString [ "/\\* ${name} \\*/" extraStart ];
sigil = "\\(${concatStringsSep "\\|" startAlts}\\)[ \\t\\r\\n]*";
# vim
in ''
syn include @nix_${lang}_syntax syntax/${lang}.vim
if exists("b:current_syntax")
unlet b:current_syntax
endif
syn match nix_${lang}_sigil
\ X${replaceStrings [ "X" ] [ "\\X" ] sigil}\ze\('''\|"\)X
\ nextgroup=nix_${lang}_region_IND_STRING,nix_${lang}_region_STRING
\ transparent
syn region nix_${lang}_region_STRING
\ matchgroup=NixSTRING
\ start='"'
\ skip='\\"'
\ end='"'
\ contained
\ contains=@nix_${lang}_syntax
\ transparent
syn region nix_${lang}_region_IND_STRING
\ matchgroup=NixIND_STRING
\ start="'''"
\ skip="'''\('\|[$]\|\\[nrt]\)"
\ end="'''"
\ contained
\ contains=@nix_${lang}_syntax
\ transparent
syn cluster nix_ind_strings
\ add=nix_${lang}_region_IND_STRING
syn cluster nix_strings
\ add=nix_${lang}_region_STRING
" This is required because containedin isn't transitive.
syn cluster nix_has_dollar_curly
\ add=@nix_${lang}_syntax
'') {
c = { };
cabal = { };
diff = { };
haskell = { };
python = { };
lua = { };
sed.extraStart = ''writeSed[^ \t\r\n]*[ \t\r\n]*"[^"]*"'';
sh.extraStart = concatStringsSep "\\|" [
''
write\(A\|Ba\|Da\)sh[^ \t\r\n]*[ \t\r\n]*\("[^"]*"\|[a-z]\+\)''
"[a-z]*Phase[ \\t\\r\\n]*="
];
yaml = { };
vim.extraStart = ''
write[^ \t\r\n]*[ \t\r\n]*"\(\([^"]*\.\)\?vimrc\|[^"]*\.vim\)"'';
xdefaults = { };
})}
" Clear syntax that interferes with nixINSIDE_DOLLAR_CURLY.
syn clear shVarAssign
syn region nixINSIDE_DOLLAR_CURLY
\ matchgroup=NixEnter
\ start="[$]{"
\ end="}"
\ contains=TOP
\ containedin=@nix_has_dollar_curly
\ transparent \ transparent
syn cluster nix_ind_strings syn region nix_inside_curly
\ add=nix_${lang}_region_IND_STRING \ matchgroup=NixEnter
\ start="{"
\ end="}"
\ contains=TOP
\ containedin=nixINSIDE_DOLLAR_CURLY,nix_inside_curly
\ transparent
syn cluster nix_strings syn match NixQuote /'''\($\|\\.\)/he=s+2
\ add=nix_${lang}_region_STRING \ containedin=@nix_ind_strings
\ contained
" This is required because containedin isn't transitive. syn match NixQuote /'''\('\|\\.\)/he=s+1
syn cluster nix_has_dollar_curly \ containedin=@nix_ind_strings
\ add=@nix_${lang}_syntax \ contained
'') {
c = {};
cabal = {};
diff = {};
haskell = {};
python = {};
lua = {};
sed.extraStart = ''writeSed[^ \t\r\n]*[ \t\r\n]*"[^"]*"'';
sh.extraStart = concatStringsSep ''\|'' [
''write\(A\|Ba\|Da\)sh[^ \t\r\n]*[ \t\r\n]*\("[^"]*"\|[a-z]\+\)''
''[a-z]*Phase[ \t\r\n]*=''
];
yaml = {};
vim.extraStart =
''write[^ \t\r\n]*[ \t\r\n]*"\(\([^"]*\.\)\?vimrc\|[^"]*\.vim\)"'';
xdefaults = {};
})}
" Clear syntax that interferes with nixINSIDE_DOLLAR_CURLY. syn match NixQuote /\\./he=s+1
syn clear shVarAssign \ containedin=@nix_strings
\ contained
syn region nixINSIDE_DOLLAR_CURLY syn sync fromstart
\ matchgroup=NixEnter
\ start="[$]{"
\ end="}"
\ contains=TOP
\ containedin=@nix_has_dollar_curly
\ transparent
syn region nix_inside_curly let b:current_syntax = "nix"
\ matchgroup=NixEnter
\ start="{"
\ end="}"
\ contains=TOP
\ containedin=nixINSIDE_DOLLAR_CURLY,nix_inside_curly
\ transparent
syn match NixQuote /'''\(''$\|\\.\)/he=s+2 set isk=@,48-57,_,192-255,-,'
\ containedin=@nix_ind_strings '';
\ contained "/syntax/sed.vim".text = # vim
''
syn match NixQuote /'''\('\|\\.\)/he=s+1 syn region sedBranch
\ containedin=@nix_ind_strings \ matchgroup=sedFunction start="T"
\ contained \ matchgroup=sedSemicolon end=";\|$"
\ contains=sedWhitespace
syn match NixQuote /\\./he=s+1 '';
\ containedin=@nix_strings
\ contained
syn sync fromstart
let b:current_syntax = "nix"
set isk=@,48-57,_,192-255,-,'
'';
"/syntax/sed.vim".text = /* vim */ ''
syn region sedBranch
\ matchgroup=sedFunction start="T"
\ matchgroup=sedSemicolon end=";\|$"
\ contains=sedWhitespace
'';
})); }));
# active plugins # active plugins
# -------------- # --------------
extra-runtimepath = with pkgs; lib.concatMapStringsSep "," (pkg: "${pkg.rtp}") [ extra-runtimepath = with pkgs;
vimPlugins.Syntastic lib.concatMapStringsSep "," (pkg: "${pkg.rtp}") [
vimPlugins.ack-vim vimPlugins.Syntastic
vimPlugins.airline vimPlugins.ack-vim
vimPlugins.vim-nix vimPlugins.airline
vimPlugins.xptemplate vimPlugins.vim-nix
vim-tv-plugin vimPlugins.xptemplate
]; vim-tv-plugin
];
# the vimrc # the vimrc
# --------- # ---------
@ -392,9 +393,7 @@ in {
# install vim # install vim
# ----------- # -----------
environment.systemPackages = [ environment.systemPackages = [ pkgs.vim ];
pkgs.vim
];
}; };
} }

205
modules/programs/xterm.nix
View file

@ -8,17 +8,17 @@ let
in { in {
options.programs.custom.xterm= { options.programs.custom.xterm = {
enable = mkEnableOption "configure and enable urxvt"; enable = mkEnableOption "configure and enable urxvt";
fontSize = mkOption { fontSize = mkOption {
type = types.int; type = types.int;
default = 17; default = 17;
description = '' description = ''
size of the terminal font size of the terminal font
''; '';
}; };
colorTheme = mkOption { colorTheme = mkOption {
type = types.enum[ "dark" "light" ]; type = types.enum [ "dark" "light" ];
default = "dark"; default = "dark";
description = '' description = ''
solarized color theme solarized color theme
@ -32,113 +32,120 @@ in {
environment.etc = { environment.etc = {
"X11/Xresource.d/xterm".source = pkgs.writeText "Xresource-xterm" '' "X11/Xresource.d/xterm".source = pkgs.writeText "Xresource-xterm" ''
XTerm*termName: xterm-256color XTerm*termName: xterm-256color
XTerm*selectToClipboard: true XTerm*selectToClipboard: true
XTerm.*.bellIsUrgent: true XTerm.*.bellIsUrgent: true
'';
"X11/Xresource.d/xterm-font".source = let
fontFamily = "terminus";
normalFont = fontSize: "-*-${fontFamily}-medium-*-*-*-${toString fontSize}-*-*-*-*-*-*-*";
boldFont = fontSize: "-*-${fontFamily}-bold-*-*-*-${toString fontSize}-*-*-*-*-*-*-*";
italicFont = normalFont;
itallicBoldFont = boldFont;
backupFont = fontSize: "xft:TerminessTTF Nerd Font:pixelsize=${toString fontSize}";
in pkgs.writeText "Xresource-xterm-font" ''
XTerm.allow_bold: true
XTerm.xftAntialias: true
!! use xfontsel or fontmatrix to choose line
!XTerm.*.font: ${normalFont cfg.fontSize},${backupFont cfg.fontSize}
!XTerm.*.boldFont: ${boldFont cfg.fontSize},${backupFont cfg.fontSize}
!XTerm.*.italicFont: ${italicFont cfg.fontSize},${backupFont cfg.fontSize}
!XTerm.*.bolditalicFont: ${itallicBoldFont cfg.fontSize},${backupFont cfg.fontSize}
XTerm.*.font: ${normalFont cfg.fontSize}
XTerm.*.boldFont: ${boldFont cfg.fontSize}
XTerm.*.italicFont: ${italicFont cfg.fontSize}
XTerm.*.bolditalicFont: ${itallicBoldFont cfg.fontSize}
'';
"X11/Xresource.d/xterm-colors".source =
let
colorTheme = if (cfg.colorTheme == "dark") then ''
#define S_base03 #002b36
#define S_base02 #073642
#define S_base01 #586e75
#define S_base00 #657b83
#define S_base0 #839496
#define S_base1 #93a1a1
#define S_base2 #eee8d5
#define S_base3 #fdf6e3
''
else ''
#define S_base03 #fdf6e3
#define S_base02 #eee8d5
#define S_base01 #93a1a1
#define S_base00 #839496
#define S_base0 #657b83
#define S_base1 #586e75
#define S_base2 #073642
#define S_base3 #002b36
''; '';
in pkgs.writeText "Xresource-xterm-colors" '' "X11/Xresource.d/xterm-font".source = let
fontFamily = "terminus";
normalFont = fontSize:
"-*-${fontFamily}-medium-*-*-*-${toString fontSize}-*-*-*-*-*-*-*";
boldFont = fontSize:
"-*-${fontFamily}-bold-*-*-*-${toString fontSize}-*-*-*-*-*-*-*";
italicFont = normalFont;
itallicBoldFont = boldFont;
backupFont = fontSize:
"xft:TerminessTTF Nerd Font:pixelsize=${toString fontSize}";
in pkgs.writeText "Xresource-xterm-font" ''
!! Color Configuration XTerm.allow_bold: true
!! ------------------- XTerm.xftAntialias: true
!! Common !! use xfontsel or fontmatrix to choose line
!! ------ !XTerm.*.font: ${normalFont cfg.fontSize},${
#define S_yellow #b58900 backupFont cfg.fontSize
#define S_orange #cb4b16 }
#define S_red #dc322f !XTerm.*.boldFont: ${boldFont cfg.fontSize},${
#define S_magenta #d33682 backupFont cfg.fontSize
#define S_violet #6c71c4 }
#define S_blue #268bd2 !XTerm.*.italicFont: ${italicFont cfg.fontSize},${
#define S_cyan #2aa198 backupFont cfg.fontSize
#define S_green #859900 }
!XTerm.*.bolditalicFont: ${itallicBoldFont cfg.fontSize},${
backupFont cfg.fontSize
}
!! ColorTheme XTerm.*.font: ${normalFont cfg.fontSize}
!! ---------- XTerm.*.boldFont: ${boldFont cfg.fontSize}
${colorTheme} XTerm.*.italicFont: ${italicFont cfg.fontSize}
XTerm.*.bolditalicFont: ${itallicBoldFont cfg.fontSize}
'';
XTerm*background: S_base03 "X11/Xresource.d/xterm-colors".source = let
XTerm*foreground: S_base0 colorTheme = if (cfg.colorTheme == "dark") then ''
XTerm*fading: 40 #define S_base03 #002b36
XTerm*fadeColor: S_base03 #define S_base02 #073642
XTerm*cursorColor: S_base1 #define S_base01 #586e75
XTerm*pointerColorBackground: S_base01 #define S_base00 #657b83
XTerm*pointerColorForeground: S_base1 #define S_base0 #839496
#define S_base1 #93a1a1
#define S_base2 #eee8d5
#define S_base3 #fdf6e3
XTerm*color0: S_base02 '' else ''
XTerm*color1: S_red #define S_base03 #fdf6e3
XTerm*color2: S_green #define S_base02 #eee8d5
XTerm*color3: S_yellow #define S_base01 #93a1a1
XTerm*color4: S_blue #define S_base00 #839496
XTerm*color5: S_magenta #define S_base0 #657b83
XTerm*color6: S_cyan #define S_base1 #586e75
XTerm*color7: S_base2 #define S_base2 #073642
XTerm*color9: S_orange #define S_base3 #002b36
XTerm*color8: S_base03 '';
XTerm*color10: S_base01
XTerm*color11: S_base00
XTerm*color12: S_base0
XTerm*color13: S_violet
XTerm*color14: S_base1
XTerm*color15: S_base3
'';
}; in pkgs.writeText "Xresource-xterm-colors" ''
!! Color Configuration
!! -------------------
!! Common
!! ------
#define S_yellow #b58900
#define S_orange #cb4b16
#define S_red #dc322f
#define S_magenta #d33682
#define S_violet #6c71c4
#define S_blue #268bd2
#define S_cyan #2aa198
#define S_green #859900
!! ColorTheme
!! ----------
${colorTheme}
XTerm*background: S_base03
XTerm*foreground: S_base0
XTerm*fading: 40
XTerm*fadeColor: S_base03
XTerm*cursorColor: S_base1
XTerm*pointerColorBackground: S_base01
XTerm*pointerColorForeground: S_base1
XTerm*color0: S_base02
XTerm*color1: S_red
XTerm*color2: S_green
XTerm*color3: S_yellow
XTerm*color4: S_blue
XTerm*color5: S_magenta
XTerm*color6: S_cyan
XTerm*color7: S_base2
XTerm*color9: S_orange
XTerm*color8: S_base03
XTerm*color10: S_base01
XTerm*color11: S_base00
XTerm*color12: S_base0
XTerm*color13: S_violet
XTerm*color14: S_base1
XTerm*color15: S_base3
'';
};
}; };
} }

79
modules/services/castget.nix
View file

@ -11,47 +11,46 @@ in {
options.custom.services.castget = { options.custom.services.castget = {
enable = mkEnableOption "enable custom.services.castget"; enable = mkEnableOption "enable custom.services.castget";
feeds = mkOption { feeds = mkOption {
type = with types; attrsOf (submodule { type = with types;
options = { attrsOf (submodule {
url = mkOption { options = {
type = with types; str; url = mkOption {
description = '' type = with types; str;
url to the rss feed description = ''
''; url to the rss feed
'';
};
spool = mkOption {
type = with types; path;
description = ''
download enclosures to this directory.
'';
};
}; };
spool = mkOption { });
type = with types; path;
description = ''
download enclosures to this directory.
'';
};
};
});
description = '' description = ''
configurations for the cast configurations for the cast
''; '';
}; };
user = mkOption { user = mkOption {
type = with types; string; type = with types; string;
description = '' description = ''
user to run the systemd service as user to run the systemd service as
''; '';
}; };
timerConfig = mkOption { timerConfig = mkOption {
type = with types; attrsOf str; type = with types; attrsOf str;
default = { default = { OnCalendar = "daily"; };
OnCalendar = "daily";
};
example = { example = {
OnCalendar = "00:05"; OnCalendar = "00:05";
RandomizedDelaySec = "5h"; RandomizedDelaySec = "5h";
}; };
description = '' description = ''
When to run the polling script. See man systemd.timer for details. When to run the polling script. See man systemd.timer for details.
''; '';
}; };
serviceName = mkOption { serviceName = mkOption {
type = with types; string; type = with types; string;
default = "castget"; default = "castget";
description = '' description = ''
the name of the castget systemd service the name of the castget systemd service
@ -68,27 +67,25 @@ in {
restartIfChanged = false; restartIfChanged = false;
serviceConfig.User = cfg.user; serviceConfig.User = cfg.user;
preStart = preStart = let
let mkSpools =
mkSpools = mapAttrsToList (ignore: value: "mkdir -p ${value.spool}") cfg.feeds; mapAttrsToList (ignore: value: "mkdir -p ${value.spool}") cfg.feeds;
in in concatStringsSep "\n" mkSpools;
concatStringsSep "\n" mkSpools; script = let
script = channels = mapAttrsToList (key: ignore: key) cfg.feeds;
let castget = "${pkgs.castget}/bin/castget";
channels = mapAttrsToList (key: ignore: key) cfg.feeds;
castget = "${pkgs.castget}/bin/castget";
configurationFile = configurationFile = let
let configurations = mapAttrsToList (key: value: ''
configurations = mapAttrsToList (key: value: '' [${key}]
[${key}] url=${value.url}
url=${value.url} spool=${value.spool}
spool=${value.spool} '') cfg.feeds;
'') cfg.feeds; in (pkgs.writeText "castget-configuration"
in (concatStringsSep "" configurations));
(pkgs.writeText "castget-configuration" (concatStringsSep "" configurations)); in (concatMapStringsSep "\n"
in (channel: "${castget} --rcfile ${configurationFile} ${channel}")
(concatMapStringsSep "\n" (channel: "${castget} --rcfile ${configurationFile} ${channel}") channels); channels);
}; };
systemd.timers."${cfg.serviceName}" = { systemd.timers."${cfg.serviceName}" = {

490
modules/services/home-assistant.nix
View file

@ -10,265 +10,271 @@ in {
options.services.homeAssistantConfig = mkOption { options.services.homeAssistantConfig = mkOption {
default = null; default = null;
type = with types; nullOr (submodule { options = { type = with types;
group = mkOption { nullOr (submodule {
default = null; options = {
example = { schlafzimmer = { view = false; entities = [ "switch.pal01" ]; }; }; group = mkOption {
type = with types; nullOr (attrsOf ( submodule {
options = {
name = mkOption {
default = null;
type = with types; nullOr str;
description = ''
(string)(Optional)Name of the group.
'';
};
view = mkOption {
default = false;
type = with types; bool;
description = ''
(boolean)(Optional)If yes then the entry will be shown as a view (tab) at the top. Groups that are set to view: true cannot be used as entities in other views.
'';
};
icon = mkOption {
default = null;
type = with types; nullOr str;
description = ''
(string)(Optional)If the group is a view, this icon will show at the top in the frontend instead of the name. If the group is a view and both name and icon have been specified, the icon will appear at the top of the frontend and the name will be displayed as the mouse-over text. If its not a view, then the icon shows when this group is used in another group.
'';
};
control = mkOption {
default = null;
type = with types; nullOr str;
description = ''
(string)(Optional)Set value to hidden. If hidden then the group switch will be hidden.
'';
};
entities = mkOption {
type = with types; listOf str;
description = ''
(list)(Required)Array or comma delimited string, list of entities to group.
'';
};
all = mkOption {
default = true;
type = with types; bool;
description = ''
(boolean)(Optional)Set this to true if the group state should only turn on if all grouped entities are on.
'';
};
};
}));
};
homeassistant = mkOption {
type = with types; (submodule { options = {
name = mkOption {
default = "Home";
type = with types; str;
};
time_zone = mkOption {
default = config.time.timeZone;
type = with types; str;
};
latitude = mkOption {
default = 52.464031;
type = with types; float;
};
longitude = mkOption {
default = 13.381925;
type = with types; float;
};
elevation = mkOption {
default = 34;
type = with types; int;
};
unit_system = mkOption {
default = "metric";
type = with types; str;
};
whitelist_external_dirs = mkOption {
default = null; default = null;
type = with types; nullOr (listOf str); example = {
schlafzimmer = {
view = false;
entities = [ "switch.pal01" ];
};
};
type = with types;
nullOr (attrsOf (submodule {
options = {
name = mkOption {
default = null;
type = with types; nullOr str;
description = ''
(string)(Optional)Name of the group.
'';
};
view = mkOption {
default = false;
type = with types; bool;
description = ''
(boolean)(Optional)If yes then the entry will be shown as a view (tab) at the top. Groups that are set to view: true cannot be used as entities in other views.
'';
};
icon = mkOption {
default = null;
type = with types; nullOr str;
description = ''
(string)(Optional)If the group is a view, this icon will show at the top in the frontend instead of the name. If the group is a view and both name and icon have been specified, the icon will appear at the top of the frontend and the name will be displayed as the mouse-over text. If its not a view, then the icon shows when this group is used in another group.
'';
};
control = mkOption {
default = null;
type = with types; nullOr str;
description = ''
(string)(Optional)Set value to hidden. If hidden then the group switch will be hidden.
'';
};
entities = mkOption {
type = with types; listOf str;
description = ''
(list)(Required)Array or comma delimited string, list of entities to group.
'';
};
all = mkOption {
default = true;
type = with types; bool;
description = ''
(boolean)(Optional)Set this to true if the group state should only turn on if all grouped entities are on.
'';
};
};
}));
}; };
auth_providers = mkOption { homeassistant = mkOption {
type = with types;
(submodule {
options = {
name = mkOption {
default = "Home";
type = with types; str;
};
time_zone = mkOption {
default = config.time.timeZone;
type = with types; str;
};
latitude = mkOption {
default = 52.464031;
type = with types; float;
};
longitude = mkOption {
default = 13.381925;
type = with types; float;
};
elevation = mkOption {
default = 34;
type = with types; int;
};
unit_system = mkOption {
default = "metric";
type = with types; str;
};
whitelist_external_dirs = mkOption {
default = null;
type = with types; nullOr (listOf str);
};
auth_providers = mkOption {
default = null;
type = with types; nullOr (listOf attrs);
};
customize = mkOption {
type = with types;
attrsOf (submodule {
options = {
friendly_name = mkOption { type = with types; str; };
entity_picture = mkOption {
default = null;
type = with types; nullOr str;
};
icon = mkOption {
default = null;
type = with types; nullOr str;
};
};
});
};
};
});
};
introduction = mkOption {
default = { };
type = with types; attrs;
};
frontend = mkOption {
default = { };
type = with types; attrs;
};
config = mkOption {
default = { };
type = with types; attrs;
};
http = mkOption {
default = null;
type = with types; nullOr attrs;
};
discovery = mkOption {
default = null;
type = with types; nullOr attrs;
};
history = mkOption {
default = null;
type = with types; nullOr attrs;
};
logbook = mkOption {
default = null;
type = with types; nullOr attrs;
};
logger = mkOption {
default = { };
type = with types; attrs;
};
lovelace = mkOption {
default = { mode = "yaml"; };
type = with types; nullOr attrs;
};
map = mkOption {
default = null;
type = with types; nullOr attrs;
};
mqtt = mkOption {
default = null;
type = with types; nullOr attrs;
};
sun = mkOption {
default = null;
type = with types; nullOr attrs;
};
switch = mkOption {
default = null; default = null;
type = with types; nullOr (listOf attrs); type = with types; nullOr (listOf attrs);
}; };
customize = mkOption { binary_sensor = mkOption {
type = with types; attrsOf (submodule{ options = { default = null;
friendly_name = mkOption { type = with types; nullOr (listOf attrs);
type = with types; str;
};
entity_picture = mkOption {
default = null;
type = with types; nullOr str;
};
icon = mkOption {
default = null;
type = with types; nullOr str;
};
};});
}; };
};}); sensor = mkOption {
}; default = null;
introduction = mkOption { type = with types; nullOr (listOf attrs);
default = {}; };
type = with types; attrs; prometheus = mkOption {
}; default = null;
frontend = mkOption { type = with types; nullOr attrs;
default = {}; };
type = with types; attrs; automation = mkOption {
}; default = null;
config = mkOption { type = with types; nullOr (listOf attrs);
default = {}; };
type = with types; attrs; media_player = mkOption {
}; default = null;
http = mkOption { type = with types; nullOr (listOf attrs);
default = null; };
type = with types; nullOr attrs; mysensors = mkOption {
}; default = null;
discovery = mkOption { type = with types; nullOr attrs;
default = null; };
type = with types; nullOr attrs; script = mkOption {
}; default = null;
history = mkOption { type = with types;
default = null; nullOr (attrsOf (submodule {
type = with types; nullOr attrs; options = {
}; alias = mkOption {
logbook = mkOption { default = null;
default = null; type = with types; nullOr str;
type = with types; nullOr attrs; };
}; sequence = mkOption {
logger = mkOption { default = [ ];
default = {}; type = with types; listOf attrs;
type = with types; attrs; };
}; };
lovelace = mkOption { }));
default = { mode = "yaml"; }; };
type = with types; nullOr attrs; input_number = mkOption {
}; default = null;
map = mkOption { type = with types; nullOr (attrsOf attrs);
default = null; };
type = with types; nullOr attrs; input_text = mkOption {
}; default = null;
mqtt = mkOption { type = with types; nullOr (attrsOf attrs);
default = null; };
type = with types; nullOr attrs; input_select = mkOption {
}; default = null;
sun = mkOption { type = with types; nullOr (attrsOf attrs);
default = null; };
type = with types; nullOr attrs; input_boolean = mkOption {
}; default = null;
type = with types; (attrsOf attrs);
switch = mkOption { };
default = null; input_datetime = mkOption {
type = with types; nullOr (listOf attrs); default = null;
}; type = with types; (attrsOf attrs);
binary_sensor = mkOption { };
default = null; calendar = mkOption {
type = with types; nullOr (listOf attrs); default = [ ];
}; type = with types; listOf attrs;
sensor = mkOption { };
default = null; shell_command = mkOption {
type = with types; nullOr (listOf attrs); default = null;
}; type = with types; nullOr (attrsOf str);
prometheus = mkOption {
default = null;
type = with types; nullOr attrs;
};
automation = mkOption {
default = null;
type = with types; nullOr (listOf attrs);
};
media_player = mkOption {
default = null;
type = with types; nullOr (listOf attrs);
};
mysensors = mkOption {
default = null;
type = with types; nullOr attrs;
};
script = mkOption {
default = null;
type = with types; nullOr (attrsOf (submodule {
options = {
alias = mkOption {
default = null;
type = with types; nullOr str;
};
sequence = mkOption {
default = [];
type = with types; listOf attrs;
};
}; };
}));
};
input_number = mkOption {
default = null;
type = with types; nullOr (attrsOf attrs);
};
input_text = mkOption {
default = null;
type = with types; nullOr (attrsOf attrs);
};
input_select = mkOption {
default = null;
type = with types; nullOr (attrsOf attrs);
};
input_boolean = mkOption {
default = null;
type = with types; (attrsOf attrs);
};
input_datetime = mkOption {
default = null;
type = with types; (attrsOf attrs);
};
calendar = mkOption {
default = [];
type = with types; listOf attrs;
};
shell_command = mkOption {
default = null;
type = with types; nullOr (attrsOf str);
};
};}); };
});
description = '' description = ''
home-assistant configuration home-assistant configuration
''; '';
}; };
config = mkIf (cfg != null) { config = mkIf (cfg != null) {
services.home-assistant.config = services.home-assistant.config = let
let
sanitize = configuration: lib.getAttr (builtins.typeOf configuration) { sanitize = configuration:
bool = configuration; lib.getAttr (builtins.typeOf configuration) {
int = configuration; bool = configuration;
string = configuration; int = configuration;
str = configuration; string = configuration;
float = configuration; str = configuration;
list = map sanitize configuration; float = configuration;
set = list = map sanitize configuration;
let set = let
stripped = lib.flip lib.filterAttrs configuration stripped = lib.flip lib.filterAttrs configuration (name: value:
(name: value: name != "_module" && name != "_ref" && value != null);
name != "_module"
&& name != "_ref"
&& value != null
);
recursiveSanitized = lib.mapAttrs (lib.const sanitize) stripped; recursiveSanitized = lib.mapAttrs (lib.const sanitize) stripped;
in in if (length (attrNames configuration) == 0) then
if ( length ( attrNames configuration ) == 0 ) null
then else
null recursiveSanitized;
else };
recursiveSanitized;
};
in in sanitize cfg;
sanitize cfg ;
}; };
} }

66
modules/services/lektor.nix
View file

@ -104,29 +104,30 @@ in {
serviceConfig = { serviceConfig = {
User = cfg.user; User = cfg.user;
# todo : this is not working properly # todo : this is not working properly
TimeoutStartSec = "infinity"; # it might take some time will this thing is up TimeoutStartSec =
"infinity"; # it might take some time will this thing is up
ExecStartPre = ExecStartPre = let
let
sshKeyTarget = "/run/keys.lektor/id_rsa"; sshKeyTarget = "/run/keys.lektor/id_rsa";
sshConfig = pkgs.writeText "sshconfig" '' sshConfig = pkgs.writeText "sshconfig" ''
Host ${cfg.host} Host ${cfg.host}
IdentityFile ${sshKeyTarget} IdentityFile ${sshKeyTarget}
Host * Host *
ForwardAgent no ForwardAgent no
Compression no Compression no
ServerAliveInterval 0 ServerAliveInterval 0
HashKnownHosts no HashKnownHosts no
UserKnownHostsFile ~/.ssh/known_hosts UserKnownHostsFile ~/.ssh/known_hosts
ControlMaster no ControlMaster no
ControlPath ~/.ssh/master-%r@%n:%p ControlPath ~/.ssh/master-%r@%n:%p
ControlPersist no ControlPersist no
''; '';
sshKeyScript = pkgs.writers.writeDash "keyfile-gen" /* sh */ '' sshKeyScript = pkgs.writers.writeDash "keyfile-gen" # sh
''
set -x set -x
# setup ~/.ssh # setup ~/.ssh
@ -146,7 +147,8 @@ in {
chmod 500 ${sshKeyTarget} chmod 500 ${sshKeyTarget}
''; '';
cloneScript = pkgs.writers.writeDash "clone" /* sh */ '' cloneScript = pkgs.writers.writeDash "clone" # sh
''
set -x set -x
if [[ `ls ~/${cfg.user} | wc -l` == 0 ]] if [[ `ls ~/${cfg.user} | wc -l` == 0 ]]
then then
@ -155,23 +157,23 @@ in {
${pkgs.git}/bin/git clone ${cfg.repository} ~/${cfg.user} ${pkgs.git}/bin/git clone ${cfg.repository} ~/${cfg.user}
''; '';
in [ in [ "+${sshKeyScript}" "-${cloneScript}" ];
"+${sshKeyScript}"
"-${cloneScript}"
];
}; };
# todo : add restart ruling # todo : add restart ruling
script = /* sh */ '' script = # sh
cd ~/${cfg.user} && \ ''
${pkgs.git}/bin/git pull && \ cd ~/${cfg.user} && \
${optionalString (cfg.additionalScript != null) "${cfg.additionalScript} &&"} \ ${pkgs.git}/bin/git pull && \
${pkgs.python36Packages.lektor}/bin/lektor server \ ${
--host ${cfg.bind} \ optionalString (cfg.additionalScript != null)
--port ${toString cfg.port} "${cfg.additionalScript} &&"
''; } \
${pkgs.python36Packages.lektor}/bin/lektor server \
--host ${cfg.bind} \
--port ${toString cfg.port}
'';
}; };
}; };
} }

26
modules/services/samba-share.nix
View file

@ -15,9 +15,7 @@ in {
description = '' description = ''
folders to share as readonly folders to share as readonly
''; '';
example = { example = { public = "/srv/downloads/movies"; };
public = "/srv/downloads/movies";
};
}; };
}; };
@ -42,18 +40,16 @@ in {
disable spoolss = yes disable spoolss = yes
''; '';
shares = shares = mapAttrs' (name: path: {
mapAttrs' (name: path: name = name;
{ value = {
name = name; browsable = "yes";
value = { comment = "read only share {name}";
browsable = "yes"; path = path;
comment = "read only share {name}"; "read only" = "yes";
path = path; "guest ok" = "yes";
"read only" = "yes"; };
"guest ok" = "yes"; }) cfg.folders;
};
}) cfg.folders;
}; };
users.users.smbguest = { users.users.smbguest = {

41
modules/services/seafile.nix
View file

@ -11,25 +11,25 @@ in {
options.custom.services.seafile = { options.custom.services.seafile = {
enable = mkEnableOption "enable custom.services.seafile"; enable = mkEnableOption "enable custom.services.seafile";
hostname = mkOption { hostname = mkOption {
type = with types; string; type = with types; string;
description = '' description = ''
hostname of the seafile server hostname of the seafile server
''; '';
}; };
port = mkOption { port = mkOption {
type = with types; int; type = with types; int;
description = '' description = ''
port on where ther server runs on port on where ther server runs on
''; '';
}; };
home = mkOption { home = mkOption {
type = with types; path; type = with types; path;
description = '' description = ''
folder in where the seafile stuff gets stored folder in where the seafile stuff gets stored
''; '';
}; };
serviceName = mkOption { serviceName = mkOption {
type = with types; string; type = with types; string;
default = "seafile-docker"; default = "seafile-docker";
description = '' description = ''
name of the systemd service name of the systemd service
@ -47,31 +47,31 @@ in {
after = [ "network.target" "docker.service" ]; after = [ "network.target" "docker.service" ];
requires = [ "docker.service" ]; requires = [ "docker.service" ];
wantedBy = [ "multi-user.target" ]; wantedBy = [ "multi-user.target" ];
script = /* sh */'' script = # sh
# delete old instance to ensure update ''
${pkgs.docker}/bin/docker stop seafile || true && ${pkgs.docker}/bin/docker rm -f seafile || true # delete old instance to ensure update
# start instance ${pkgs.docker}/bin/docker stop seafile || true && ${pkgs.docker}/bin/docker rm -f seafile || true
${pkgs.docker}/bin/docker run \ # start instance
--name seafile \ ${pkgs.docker}/bin/docker run \
--env SEAFILE_SERVER_HOSTNAME=${cfg.hostname} \ --name seafile \
--env SEAFILE_ADMIN_EMAIL="root@${cfg.hostname}" \ --env SEAFILE_SERVER_HOSTNAME=${cfg.hostname} \
--env SEAFILE_ADMIN_PASSWORD="${lib.fileContents <secrets/seafile/root>}" \ --env SEAFILE_ADMIN_EMAIL="root@${cfg.hostname}" \
--volume ${cfg.home}:/shared \ --env SEAFILE_ADMIN_PASSWORD="${
--publish ${toString cfg.port}:80 \ lib.fileContents <secrets/seafile/root>
seafileltd/seafile:latest }" \
''; --volume ${cfg.home}:/shared \
--publish ${toString cfg.port}:80 \
seafileltd/seafile:latest
'';
}; };
}; };
} }
# ! todo # ! todo
# requires = [ "${config.module.backup.services.encfs."seafile".serviceName}.service" ]; # requires = [ "${config.module.backup.services.encfs."seafile".serviceName}.service" ];
# krops.keys."seafile".path = toString <keys/seafile/encfs>; # krops.keys."seafile".path = toString <keys/seafile/encfs>;
# #
# module.backup.services.encfs = { # module.backup.services.encfs = {
@ -84,4 +84,3 @@ in {
# }; # };
# }; # };

59
modules/services/sshd.nix
View file

@ -13,50 +13,47 @@ in {
sshd = { sshd = {
enable = mkEnableOption "Start sshd server"; enable = mkEnableOption "Start sshd server";
rootKeyFiles = mkOption { rootKeyFiles = mkOption {
type = with types; listOf path; type = with types; listOf path;
description = "keys to root login"; description = "keys to root login";
default = [ ]; default = [ ];
}; };
}; };
}; };
config = mkMerge [ config = mkMerge [
(mkIf cfg.tools.enable { (mkIf cfg.tools.enable {
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs;
# sshuttle [
sshfs # sshuttle
]; sshfs
}) ];
})
(mkIf cfg.sshd.enable { (mkIf cfg.sshd.enable {
services.openssh = { services.openssh = {
enable = true; enable = true;
forwardX11 = true; forwardX11 = true;
passwordAuthentication = false; passwordAuthentication = false;
}; };
users.users.root.openssh.authorizedKeys.keyFiles = cfg.sshd.rootKeyFiles ; users.users.root.openssh.authorizedKeys.keyFiles = cfg.sshd.rootKeyFiles;
services.openssh.extraConfig = '' services.openssh.extraConfig = ''
Banner /etc/sshd/banner-line Banner /etc/sshd/banner-line
''; '';
environment.etc."sshd/banner-line".text = environment.etc."sshd/banner-line".text = let
let text = config.networking.hostName;
text = config.networking.hostName; size = 80 - (lib.stringLength text);
size = 80 - (lib.stringLength text); space = lib.fixedWidthString size " " "";
space = lib.fixedWidthString size " " ""; in ''
in ''
${space}${text}
${ space }${ text } '';
'';
}
)
})
]; ];

56
modules/services/transmission.nix
View file

@ -3,36 +3,34 @@
with lib; with lib;
let let
cfg = config.services.custom.transmission; cfg = config.services.custom.transmission;
in { in {
options.services.custom.transmission = { options.services.custom.transmission = {
enable = lib.mkEnableOption "transmission"; enable = lib.mkEnableOption "transmission";
home = lib.mkOption { home = lib.mkOption {
type = lib.types.path; type = lib.types.path;
description = "where the configs are"; description = "where the configs are";
}; };
store = lib.mkOption { store = lib.mkOption {
type = lib.types.path; type = lib.types.path;
description = "where to store"; description = "where to store";
}; };
hosts = lib.mkOption { hosts = lib.mkOption {
type = lib.types.str; type = lib.types.str;
description = "allowed hostnames"; description = "allowed hostnames";
}; };
whitelist = lib.mkOption { whitelist = lib.mkOption {
type = lib.types.str; type = lib.types.str;
description = "Ip to listen to"; description = "Ip to listen to";
}; };
user = lib.mkOption { user = lib.mkOption {
type = lib.types.str; type = lib.types.str;
description = "user to login"; description = "user to login";
}; };
password = lib.mkOption { password = lib.mkOption {
type = lib.types.str; type = lib.types.str;
description = "password to login"; description = "password to login";
}; };
port = mkOption { port = mkOption {
@ -60,23 +58,23 @@ in {
services.transmission = { services.transmission = {
enable = true; enable = true;
home = "${cfg.home}"; home = "${cfg.home}";
settings = { settings = {
# Downloads # Downloads
download-dir = "${cfg.store}/downloads"; download-dir = "${cfg.store}/downloads";
incomplete-dir-enabled = true; incomplete-dir-enabled = true;
incomplete-dir = "${cfg.store}/incomplete"; incomplete-dir = "${cfg.store}/incomplete";
# RPC = UI connection # RPC = UI connection
rpc-whitelist = "${cfg.whitelist}"; rpc-whitelist = "${cfg.whitelist}";
rpc-host-whitelist = "${cfg.hosts}"; rpc-host-whitelist = "${cfg.hosts}";
rpc-user = "${cfg.user}"; rpc-user = "${cfg.user}";
rpc-username = "${cfg.user}"; rpc-username = "${cfg.user}";
rpc-password = "${cfg.password}"; rpc-password = "${cfg.password}";
# Start torrents as soon as they are added # Start torrents as soon as they are added
start-added-torrents = true; start-added-torrents = true;
# Encryption may help get around some ISP filtering, # Encryption may help get around some ISP filtering,
# but at the cost of slightly higher CPU use. # but at the cost of slightly higher CPU use.
@ -86,36 +84,36 @@ in {
encryption = 2; encryption = 2;
# Enable Local Peer Discovery (LPD). # Enable Local Peer Discovery (LPD).
lpd-enabled = true; lpd-enabled = true;
# Enable UPnP or NAT-PMP. # Enable UPnP or NAT-PMP.
peer-port = cfg.port; peer-port = cfg.port;
port-forwarding-enabled = true; port-forwarding-enabled = true;
# "normal" speed limits # "normal" speed limits
speed-limit-down-enabled = true; speed-limit-down-enabled = true;
speed-limit-down = 800; speed-limit-down = 800;
speed-limit-up-enabled = true ; speed-limit-up-enabled = true;
speed-limit-up = 50; speed-limit-up = 50;
upload-slots-per-torrent = 8; upload-slots-per-torrent = 8;
# Queuing # Queuing
# When true, Transmission will only download # When true, Transmission will only download
# download-queue-size non-stalled torrents at once. # download-queue-size non-stalled torrents at once.
download-queue-enabled = true; download-queue-enabled = true;
download-queue-size = 1; download-queue-size = 1;
# When true, torrents that have not shared data for # When true, torrents that have not shared data for
# queue-stalled-minutes are treated as 'stalled' # queue-stalled-minutes are treated as 'stalled'
# and are not counted against the queue-download-size # and are not counted against the queue-download-size
# and seed-queue-size limits. # and seed-queue-size limits.
queue-stalled-enabled = true; queue-stalled-enabled = true;
queue-stalled-minutes = 60; queue-stalled-minutes = 60;
# When true. Transmission will only seed seed-queue-size # When true. Transmission will only seed seed-queue-size
# non-stalled torrents at once. # non-stalled torrents at once.
seed-queue-enabled = true; seed-queue-enabled = true;
seed-queue-size = 10; seed-queue-size = 10;
# umask of the moves that got downloaded # umask of the moves that got downloaded
umask = 18; umask = 18;

64
modules/services/videoencoder.nix
View file

@ -7,7 +7,8 @@ let
cfg = config.service.videoencoder; cfg = config.service.videoencoder;
# todo : escape output and input File # todo : escape output and input File
createEncoder = tmpFolder: inputFile: outputFile: /* sh */ '' createEncoder = tmpFolder: inputFile: outputFile: # sh
''
mkdir -p ${tmpFolder} mkdir -p ${tmpFolder}
rm -rf ${tmpFolder}/* rm -rf ${tmpFolder}/*
TMP_FILE=`mktemp --dry-run ${tmpFolder}/XXXXXXXX.${cfg.format}` TMP_FILE=`mktemp --dry-run ${tmpFolder}/XXXXXXXX.${cfg.format}`
@ -35,7 +36,7 @@ in {
enable = mkEnableOption "enable service.videoencoder"; enable = mkEnableOption "enable service.videoencoder";
profile = mkOption { profile = mkOption {
type = with types; string; type = with types; string;
default = "main"; default = "main";
description = '' description = ''
-profile:v -profile:v
@ -43,7 +44,8 @@ in {
}; };
tune = mkOption { tune = mkOption {
type = with types; nullOr (enum [ "film" "animation" "grain" "stillimage" ]); type = with types;
nullOr (enum [ "film" "animation" "grain" "stillimage" ]);
default = null; default = null;
description = '' description = ''
-tune -tune
@ -51,7 +53,7 @@ in {
}; };
format = mkOption { format = mkOption {
type = with types; enum [ "mp4" "mkv" ]; type = with types; enum [ "mp4" "mkv" ];
default = "mp4"; default = "mp4";
description = '' description = ''
the format the format
@ -59,24 +61,25 @@ in {
}; };
fileConfig = mkOption { fileConfig = mkOption {
type = with types; listOf (submodule { type = with types;
options = { listOf (submodule {
inputFile = mkOption { options = {
# todo make this path inputFile = mkOption {
type = with types; string; # todo make this path
description = '' type = with types; string;
full path to the inputFile description = ''
''; full path to the inputFile
'';
};
outputFile = mkOption {
type = with types; string;
description = ''
full path to the ouputFile
folder must exist
'';
};
}; };
outputFile = mkOption { });
type = with types; string;
description = ''
full path to the ouputFile
folder must exist
'';
};
};
});
description = '' description = ''
list of files to encode. list of files to encode.
''; '';
@ -86,17 +89,16 @@ in {
config = mkIf cfg.enable { config = mkIf cfg.enable {
systemd.services."videoEncoding" = { systemd.services."videoEncoding" = {
wantedBy = ["multi-user.target"]; wantedBy = [ "multi-user.target" ];
enable = true; enable = true;
script = script = let
let myList = map (value:
myList = map ( value : createEncoder "/tmp/videoencoder" value.inputFile value.outputFile)
createEncoder "/tmp/videoencoder" value.inputFile value.outputFile cfg.fileConfig;
) cfg.fileConfig; in ''
in '' set -x
set -x ${concatStringsSep "\n" myList}
${concatStringsSep "\n" myList} '';
'';
}; };

94
modules/system/audio.nix
View file

@ -6,20 +6,21 @@ let
ladspaPath = "${pkgs.ladspaPlugins}/lib/ladspa"; ladspaPath = "${pkgs.ladspaPlugins}/lib/ladspa";
jackScript = pkgs.writeShellScriptBin "jack" (lib.fileContents <assets/jack.sh>); jackScript =
pkgs.writeShellScriptBin "jack" (lib.fileContents <assets/jack.sh>);
queueElement = { queueElement = {
options = { options = {
plugin = mkOption { plugin = mkOption {
type = with types; str; type = with types; str;
description = "file name without suffix of the plugin"; description = "file name without suffix of the plugin";
}; };
label = mkOption { label = mkOption {
type = with types; str; type = with types; str;
description = "label of the queue element (needs to be correct)"; description = "label of the queue element (needs to be correct)";
}; };
control = mkOption { control = mkOption {
type = with types; listOf str; type = with types; listOf str;
description = "parameter of plugin"; description = "parameter of plugin";
}; };
}; };
@ -28,11 +29,11 @@ let
sinkElement = { sinkElement = {
options = { options = {
name = mkOption { name = mkOption {
type = with types; str; type = with types; str;
description = "name of the sink"; description = "name of the sink";
}; };
queue = mkOption { queue = mkOption {
type = with types; listOf (submodule queueElement); type = with types; listOf (submodule queueElement);
description = "queues"; description = "queues";
}; };
}; };
@ -44,8 +45,8 @@ in {
options.system.custom.audio = { options.system.custom.audio = {
enable = mkEnableOption "use PluseAudio"; enable = mkEnableOption "use PluseAudio";
sinks = mkOption { sinks = mkOption {
type = with types; listOf (submodule sinkElement); type = with types; listOf (submodule sinkElement);
description = "list of sinks"; description = "list of sinks";
}; };
}; };
@ -66,16 +67,18 @@ in {
# LADSPA # LADSPA
# ------ # ------
programs.bash.interactiveShellInit = /* sh */ '' programs.bash.interactiveShellInit = # sh
# set ladspa library path ''
# about testing the plugins check analyseplugin command # set ladspa library path
export LADSPA_PATH=${ladspaPath} # about testing the plugins check analyseplugin command
''; export LADSPA_PATH=${ladspaPath}
programs.zsh.interactiveShellInit = /* sh */ '' '';
# set ladspa library path programs.zsh.interactiveShellInit = # sh
# about testing the plugins check analyseplugin command ''
export LADSPA_PATH=${ladspaPath} # set ladspa library path
''; # about testing the plugins check analyseplugin command
export LADSPA_PATH=${ladspaPath}
'';
# PulseAudio # PulseAudio
# ---------- # ----------
@ -84,7 +87,7 @@ in {
system.custom.mainUser.extraGroups = [ "audio" ]; system.custom.mainUser.extraGroups = [ "audio" ];
hardware.pulseaudio = { hardware.pulseaudio = {
enable = true; enable = true;
# all in audio group can do audio # all in audio group can do audio
systemWide = true; systemWide = true;
@ -93,34 +96,42 @@ in {
extraConfig = '' extraConfig = ''
# automatically switch to newly-connected devices # automatically switch to newly-connected devices
load-module module-switch-on-connect load-module module-switch-on-connect
# http://plugin.org.uk/ladspa-swh/docs/ladspa-swh.html # http://plugin.org.uk/ladspa-swh/docs/ladspa-swh.html
# https://gavv.github.io/articles/pulseaudio-under-the-hood/#ladspa-plugin-sink # https://gavv.github.io/articles/pulseaudio-under-the-hood/#ladspa-plugin-sink
${builtins.toString (flip map cfg.sinks (sink : '' ${builtins.toString (flip map cfg.sinks (sink: ''
# ladspa sink : ${sink.name} # ladspa sink : ${sink.name}
# ------------- # -------------
${builtins.toString (flip imap0 (reverseList sink.queue) (index : queua: ${builtins.toString (flip imap0 (reverseList sink.queue)
let (index: queua:
sinkName = suffix : "${sink.name}${builtins.toString suffix}"; let
sinkValue = "sink_name=${sinkName index}"; sinkName = suffix: "${sink.name}${builtins.toString suffix}";
sinkDescription = "sink_properties=device.description=${sinkName index}-${queua.label}"; sinkValue = "sink_name=${sinkName index}";
masterValue = if (index == 0) then "" else "master=${sinkName (index - 1)}"; sinkDescription = "sink_properties=device.description=${
pluginValue = "plugin=${ladspaPath}/${queua.plugin}"; sinkName index
labelValue = "label=${queua.label}"; }-${queua.label}";
controlValue = "control=${builtins.toString (foldl (a: b: "${a},${b}") (head queua.control) (tail queua.control))}"; masterValue =
in '' if (index == 0) then "" else "master=${sinkName (index - 1)}";
# ${sinkName index} : ${queua.label} pluginValue = "plugin=${ladspaPath}/${queua.plugin}";
load-module module-ladspa-sink ${sinkValue} ${sinkDescription} ${masterValue} ${pluginValue} ${labelValue} ${controlValue} labelValue = "label=${queua.label}";
controlValue = "control=${
builtins.toString
(foldl (a: b: "${a},${b}") (head queua.control)
(tail queua.control))
}";
in ''
# ${sinkName index} : ${queua.label}
load-module module-ladspa-sink ${sinkValue} ${sinkDescription} ${masterValue} ${pluginValue} ${labelValue} ${controlValue}
''))}
''))} ''))}
''))} '';
'';
}; };
# Packages needed # Packages needed
# --------------- # ---------------
environment.systemPackages = with pkgs ; [ environment.systemPackages = with pkgs; [
jackScript jackScript
@ -132,7 +143,6 @@ in {
# qjackctl # qjackctl
# LADSPA # LADSPA
# ------ # ------
ladspaPlugins ladspaPlugins

11
modules/system/bluetooth.nix
View file

@ -6,20 +6,21 @@ let
in { in {
options.system.custom.bluetooth.enable = lib.mkEnableOption "enable bluetooth support"; options.system.custom.bluetooth.enable =
lib.mkEnableOption "enable bluetooth support";
config = lib.mkIf cfg.enable { config = lib.mkIf cfg.enable {
hardware.bluetooth = { hardware.bluetooth = {
enable = true; enable = true;
powerOnBoot = true; powerOnBoot = true;
extraConfig = '' extraConfig = ''
[General] [General]
AutoConnect=true AutoConnect=true
''; '';
}; };
environment.systemPackages = with pkgs ; [ environment.systemPackages = with pkgs; [
# bluetooth audio # bluetooth audio
# --------------- # ---------------

23
modules/system/font.nix
View file

@ -11,8 +11,8 @@ in {
options.system.custom.fonts = { options.system.custom.fonts = {
enable = mkEnableOption "enable fonts"; enable = mkEnableOption "enable fonts";
dpi = mkOption { dpi = mkOption {
type = types.int; type = types.int;
default = 141; default = 141;
description = '' description = ''
dpi of the monitor dpi of the monitor
''; '';
@ -23,25 +23,23 @@ in {
fonts = { fonts = {
enableCoreFonts = true; enableCoreFonts = true;
enableFontDir = true; enableFontDir = true;
enableGhostscriptFonts = true; enableGhostscriptFonts = true;
fontconfig = { fontconfig = {
dpi = cfg.dpi; dpi = cfg.dpi;
subpixel = { subpixel = {
lcdfilter = "default"; lcdfilter = "default";
rgba = "rgb"; rgba = "rgb";
}; };
hinting = { hinting = {
enable = true; enable = true;
autohint = false; autohint = false;
}; };
enable = true; enable = true;
antialias = true; antialias = true;
defaultFonts = { defaultFonts = { monospace = [ "inconsolata" ]; };
monospace = [ "inconsolata" ];
};
}; };
fonts = with pkgs; [ fonts = with pkgs; [
@ -73,4 +71,3 @@ in {
} }

35
modules/system/mainUser.nix
View file

@ -7,14 +7,12 @@ let
cfg = config.system.custom.mainUser; cfg = config.system.custom.mainUser;
dockerGroup = dockerGroup =
if (config.virtualisation.docker.enable) if (config.virtualisation.docker.enable) then [ "docker" ] else [ ];
then [ "docker" ]
else [];
vboxGroup = vboxGroup = if (config.virtualisation.virtualbox.host.enable) then
if (config.virtualisation.virtualbox.host.enable) [ "vboxusers" ]
then [ "vboxusers" ] else
else []; [ ];
in { in {
@ -23,14 +21,14 @@ in {
enable = mkEnableOption "enable mainUser for a desktop system"; enable = mkEnableOption "enable mainUser for a desktop system";
userName = mkOption { userName = mkOption {
type = with types; str; type = with types; str;
description = '' description = ''
name of the main user name of the main user
''; '';
}; };
uid = mkOption { uid = mkOption {
type = with types; int; type = with types; int;
default = 1337; default = 1337;
description = '' description = ''
uid of main user uid of main user
@ -38,7 +36,7 @@ in {
}; };
extraGroups = mkOption { extraGroups = mkOption {
default = []; default = [ ];
type = with types; listOf str; type = with types; listOf str;
description = '' description = ''
list of groups the main user should also be in list of groups the main user should also be in
@ -46,7 +44,7 @@ in {
}; };
authorizedKeyFiles = mkOption { authorizedKeyFiles = mkOption {
default = []; default = [ ];
type = with types; listOf str; type = with types; listOf str;
description = '' description = ''
list of keys allowed to login as this user list of keys allowed to login as this user
@ -59,17 +57,18 @@ in {
users = { users = {
mutableUsers = true; mutableUsers = true;
defaultUserShell = pkgs.zsh; defaultUserShell = pkgs.zsh;
users.mainUser = { users.mainUser = {
isNormalUser = true; isNormalUser = true;
name = cfg.userName; name = cfg.userName;
uid = cfg.uid; uid = cfg.uid;
home = "/home/${cfg.userName}"; home = "/home/${cfg.userName}";
initialPassword = cfg.userName; initialPassword = cfg.userName;
extraGroups = [ "wheel" "networkmanager" "transmission" "wireshark" ] ++ dockerGroup ++ vboxGroup ++ cfg.extraGroups; extraGroups = [ "wheel" "networkmanager" "transmission" "wireshark" ]
openssh.authorizedKeys.keyFiles = cfg.authorizedKeyFiles ; ++ dockerGroup ++ vboxGroup ++ cfg.extraGroups;
openssh.authorizedKeys.keyFiles = cfg.authorizedKeyFiles;
}; };
}; };
}; };

84
modules/system/permown.nix
View file

@ -1,59 +1,53 @@
{ config, pkgs, lib, ... }: { config, pkgs, lib, ... }:
with lib; with lib;
let let cfg = config.system.permown;
cfg = config.system.permown;
in { in {
options.system.permown = mkOption { options.system.permown = mkOption {
default = {}; default = { };
type = with types; attrsOf (submodule ({ config, ... }: { type = with types;
options = { attrsOf (submodule ({ config, ... }: {
directory-mode = mkOption { options = {
default = "=rwx"; directory-mode = mkOption {
type = types.str; # TODO default = "=rwx";
type = types.str; # TODO
};
file-mode = mkOption {
default = "=rw";
type = types.str; # TODO
};
group = mkOption {
apply = x: if x == null then "" else x;
default = null;
type = types.nullOr types.str;
};
owner = mkOption { type = types.str; };
path = mkOption {
default = config._module.args.name;
type = types.path;
};
umask = mkOption {
default = "0027";
type = types.str;
};
}; };
file-mode = mkOption { }));
default = "=rw";
type = types.str; # TODO
};
group = mkOption {
apply = x: if x == null then "" else x;
default = null;
type = types.nullOr types.str;
};
owner = mkOption {
type = types.str;
};
path = mkOption {
default = config._module.args.name;
type = types.path;
};
umask = mkOption {
default = "0027";
type = types.str;
};
};
}));
}; };
config = config = let plans = lib.attrValues cfg;
let in mkIf (plans != [ ]) {
plans = lib.attrValues cfg;
in
mkIf (plans != []) {
system.activationScripts.permown = let system.activationScripts.permown = let
mkdir = plan: /* sh */ '' mkdir = plan: # sh
${pkgs.coreutils}/bin/mkdir -p ${plan.path} ''
''; ${pkgs.coreutils}/bin/mkdir -p ${plan.path}
in '';
concatMapStrings mkdir plans; in concatMapStrings mkdir plans;
# genAttrs' = names: f: listToAttrs (map f names); # genAttrs' = names: f: listToAttrs (map f names);
systemd.services = listToAttrs (flip map plans (plan: { systemd.services = listToAttrs (flip map plans (plan: {
name = "permown.${replaceStrings ["/"] ["_"] plan.path}"; name = "permown.${replaceStrings [ "/" ] [ "_" ] plan.path}";
value = { value = {
environment = { environment = {
DIR_MODE = plan.directory-mode; DIR_MODE = plan.directory-mode;
@ -61,11 +55,7 @@ in {
OWNER_GROUP = "${plan.owner}:${plan.group}"; OWNER_GROUP = "${plan.owner}:${plan.group}";
ROOT_PATH = plan.path; ROOT_PATH = plan.path;
}; };
path = [ path = [ pkgs.coreutils pkgs.findutils pkgs.inotifyTools ];
pkgs.coreutils
pkgs.findutils
pkgs.inotifyTools
];
serviceConfig = { serviceConfig = {
ExecStart = pkgs.writers.writeDash "permown" '' ExecStart = pkgs.writers.writeDash "permown" ''
set -efu set -efu

11
modules/system/wifi.nix
View file

@ -10,11 +10,11 @@ in {
options.system.custom.wifi = { options.system.custom.wifi = {
enable = mkEnableOption "enable wifi"; enable = mkEnableOption "enable wifi";
system = mkOption{ system = mkOption {
default = "wpa_supplicant"; default = "wpa_supplicant";
type = with types; enum ["wpa_supplicant" "networkmanager"]; type = with types; enum [ "wpa_supplicant" "networkmanager" ];
}; };
configurationFile = mkOption{ configurationFile = mkOption {
default = null; default = null;
type = with types; nullOr path; type = with types; nullOr path;
description = '' description = ''
@ -22,8 +22,8 @@ in {
''; '';
}; };
interfaces = mkOption { interfaces = mkOption {
type = with types; listOf string; type = with types; listOf string;
default = []; default = [ ];
description = '' description = ''
list of interfaces to take care of, list of interfaces to take care of,
if empty it will test all interfaces if empty it will test all interfaces
@ -73,4 +73,3 @@ in {
} }

Some files were not shown because too many files have changed in this diff Show more