palo/nixos-config
palo/nixos-config
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions1

workhorse done and nixpkgs-fmt

Browse source
This commit is contained in:
Ingolf Wagner 2021-11-01 09:20:42 +01:00
parent 87be340dfa
commit fc33e57a54
No known key found for this signature in database
GPG key ID: 76BF5F1928B9618B
124 changed files with 3142 additions and 2590 deletions

96
nixos/system/all/borg-jobs.nix
View file

@ -20,58 +20,62 @@
};
};
config = let
config =
let
servers = [
{
name = "workhorse";
host = "workhorse.private";
}
{
name = "pepe";
host = "pepe.private";
}
];
servers = [
{
name = "workhorse";
host = "workhorse.private";
}
{
name = "pepe";
host = "pepe.private";
}
];
dirs = config.backup.dirs;
dirs = config.backup.dirs;
myHostname = config.networking.hostName;
myHostname = config.networking.hostName;
setup = server: {
paths = config.backup.dirs;
exclude = config.backup.exclude;
doInit = true;
repo = "borg@${server}:./${myHostname}";
encryption = {
mode = "repokey-blake2";
passCommand =
"cat ${config.sops.secrets.backup_repository_passphrase.path}";
};
environment.BORG_RSH =
"ssh -i ${toString config.sops.secrets.backup_ssh_rsa_private.path}";
compression = "auto,lzma";
startAt = "daily";
prune.keep = {
within = "10d"; # Keep all backups in the last 10 days.
weekly = 8; # Keep 8 additional end of week archives.
monthly = -1; # Keep end of month archive for every month
};
setup = server: {
paths = config.backup.dirs;
exclude = config.backup.exclude;
doInit = true;
repo = "borg@${server}:./${myHostname}";
encryption = {
mode = "repokey-blake2";
passCommand =
"cat ${config.sops.secrets.backup_repository_passphrase.path}";
};
environment.BORG_RSH =
"ssh -i ${toString config.sops.secrets.backup_ssh_rsa_private.path}";
compression = "auto,lzma";
startAt = "daily";
prune.keep = {
within = "10d"; # Keep all backups in the last 10 days.
weekly = 8; # Keep 8 additional end of week archives.
monthly = -1; # Keep end of month archive for every month
};
in
{
sops.secrets.backup_repository_passphrase = { };
sops.secrets.backup_ssh_rsa_private = { };
services.borgbackup.jobs =
let
setups = map ({ name, host }: { "${name}" = setup host; }) servers;
setupAttrs = lib.zipAttrsWith (_: vals: lib.head vals) setups;
nonEmptySetups =
lib.filterAttrs (_: { paths, ... }: builtins.length paths != 0)
setupAttrs;
in
nonEmptySetups;
};
in {
sops.secrets.backup_repository_passphrase = { };
sops.secrets.backup_ssh_rsa_private = { };
services.borgbackup.jobs = let
setups = map ({ name, host }: { "${name}" = setup host; }) servers;
setupAttrs = lib.zipAttrsWith (_: vals: lib.head vals) setups;
nonEmptySetups =
lib.filterAttrs (_: { paths, ... }: builtins.length paths != 0)
setupAttrs;
in nonEmptySetups;
};
}

36
nixos/system/all/borg-scripts.nix
View file

@ -1,20 +1,24 @@
{ pkgs, lib, ... }: {
environment.systemPackages = let
createScript = command: host: repository:
pkgs.writers.writeBashBin
"borg-${command}-on-${host}-for-${repository}" ''
${pkgs.borgbackup}/bin/borg \
${command} \
--rsh='ssh -i ~/.ssh/card_rsa.pub' borg@${host}.private:${repository}/. \
"$@"
'';
hosts = [ "workhorse" "pepe" ];
repositories = [ "workhorse" "pepe" "sterni" "workout" ];
commands = [ "list" ];
in lib.flatten (map (command:
map
(host: map (repository: createScript command host repository) repositories)
hosts) commands);
environment.systemPackages =
let
createScript = command: host: repository:
pkgs.writers.writeBashBin
"borg-${command}-on-${host}-for-${repository}" ''
${pkgs.borgbackup}/bin/borg \
${command} \
--rsh='ssh -i ~/.ssh/card_rsa.pub' borg@${host}.private:${repository}/. \
"$@"
'';
hosts = [ "workhorse" "pepe" ];
repositories = [ "workhorse" "pepe" "sterni" "workout" ];
commands = [ "list" ];
in
lib.flatten (map
(command:
map
(host: map (repository: createScript command host repository) repositories)
hosts)
commands);
}

3
nixos/system/all/grub.nix
View file

@ -5,7 +5,8 @@ let
rev = "fe27cbc99e994d50bb4269a9388e3f7d60492ffa";
sha256 = "1z8zc4k2mh8d56ipql8vfljvdjczrrna5ckgzjsdyrndfkwv8ghw";
};
in {
in
{
boot.loader.grub.extraConfig = ''
set theme=($drive1)//themes/fallout-grub-theme/theme.txt

40
nixos/system/all/networking-qos.nix
View file

@ -26,28 +26,30 @@
};
};
config = let
kbits = number:
import (pkgs.runCommand "round-${toString number}" { }
''awk 'BEGIN{printf "\"%ikbit\"", ${toString number}}' > $out'');
config =
let
kbits = number:
import (pkgs.runCommand "round-${toString number}" { }
''awk 'BEGIN{printf "\"%ikbit\"", ${toString number}}' > $out'');
interface = config.configuration.fireqos.interface;
input = "${toString config.configuration.fireqos.input}kbit";
output = "${toString config.configuration.fireqos.output}kbit";
tincInput = kbits (config.configuration.fireqos.input * 0.7);
tincOutput = kbits (config.configuration.fireqos.output * 0.7);
useBalancedForExperimenting = false;
interface = config.configuration.fireqos.interface;
input = "${toString config.configuration.fireqos.input}kbit";
output = "${toString config.configuration.fireqos.output}kbit";
tincInput = kbits (config.configuration.fireqos.input * 0.7);
tincOutput = kbits (config.configuration.fireqos.output * 0.7);
useBalancedForExperimenting = false;
tincPorts =
lib.mapAttrsToList (name: configuration: toString configuration.port)
config.module.cluster.services.tinc;
tincPorts =
lib.mapAttrsToList (name: configuration: toString configuration.port)
config.module.cluster.services.tinc;
in {
in
{
# https://firehol.org/tutorial/fireqos-new-user/
services.fireqos.enable = config.configuration.fireqos.enable;
systemd.services.fireqos.wantedBy = [ "multi-user.target" ];
services.fireqos.config = ''
# https://firehol.org/tutorial/fireqos-new-user/
services.fireqos.enable = config.configuration.fireqos.enable;
systemd.services.fireqos.wantedBy = [ "multi-user.target" ];
services.fireqos.config = ''
# ------------------- world
@ -121,6 +123,6 @@
'';
};
};
}

42
nixos/system/all/nginx-landingpage.nix
View file

@ -228,28 +228,32 @@
}
{
text = "Syncthings";
items = map ({ name, host ? "${name}.private", ... }: {
label = name;
href = "http://${host}:8384/";
image =
"https://media.giphy.com/media/JoyU4vuzwj6ZA7Ging/giphy.gif";
}) (map (name: { inherit name; }) (lib.attrNames
config.module.cluster.services.tinc."private".hosts));
items = map
({ name, host ? "${name}.private", ... }: {
label = name;
href = "http://${host}:8384/";
image =
"https://media.giphy.com/media/JoyU4vuzwj6ZA7Ging/giphy.gif";
})
(map (name: { inherit name; }) (lib.attrNames
config.module.cluster.services.tinc."private".hosts));
}
{
text = "netdata";
items = map ({ name, host ? "${name}.private", ... }: {
label = name;
href = "http://${host}:19999/";
image = "https://media.giphy.com/media/BkjdN6MQCDPaw/giphy.gif";
}) (map (name: { inherit name; }) [
"workhorse"
"porani"
"pepe"
"sputnik"
]
#(lib.attrNames config.module.cluster.services.tinc."private".hosts)
);
items = map
({ name, host ? "${name}.private", ... }: {
label = name;
href = "http://${host}:19999/";
image = "https://media.giphy.com/media/BkjdN6MQCDPaw/giphy.gif";
})
(map (name: { inherit name; }) [
"workhorse"
"porani"
"pepe"
"sputnik"
]
#(lib.attrNames config.module.cluster.services.tinc."private".hosts)
);
}
];
};

3
nixos/system/all/nginx.nix
View file

@ -2,7 +2,8 @@
let
access_log_sink = "workhorse.private:12304";
error_log_sink = "workhorse.private:12305";
in {
in
{
security.acme.email = "contact@ingolf-wagner.de";
security.acme.acceptTerms = true;

17
nixos/system/all/packages.nix
View file

@ -29,14 +29,17 @@ let
EOF
'';
storepath = let
dirname = "${pkgs.coreutils-full}/bin/dirname";
readlink = "${pkgs.coreutils-full}/bin/readlink";
in pkgs.writers.writeBashBin "storepath" ''
${dirname} $( ${readlink} $( type -p "$1" ) )
'';
storepath =
let
dirname = "${pkgs.coreutils-full}/bin/dirname";
readlink = "${pkgs.coreutils-full}/bin/readlink";
in
pkgs.writers.writeBashBin "storepath" ''
${dirname} $( ${readlink} $( type -p "$1" ) )
'';
in {
in
{
#imports = [ ./packages/llvm-config-dummy.nix ];

78
nixos/system/all/packages/llvm-config-dummy.nix
View file

@ -1,41 +1,43 @@
{ pkgs, config, lib, ... }:
with pkgs.lib; {
environment.systemPackages = let
llvm = pkgs.llvm;
llvm-config = pkgs.writers.writeBashBin "llvm-config" ''
while [[ $# -gt 0 ]]; do
arg="$1"
case $arg in
--assertion-mode)
echo "OFF"
;;
--bindir)
echo "${getBin llvm}/bin"
;;
--libdir)
echo "${getLib llvm}/lib"
;;
--includedir)
echo "${getDev llvm}/include"
;;
--prefix)
echo "${llvm.out}"
;;
--src-root)
echo "/build/llvm";
;;
--obj-root)
echo "/build/llvm/build";
;;
--cmakedir)
echo "${getDev llvm}/lib/cmake/llvm"
;;
*)
echo "Unhandled argument '$arg' passed to dummy llvm-config!"
exit 1
esac
shift
done
'';
in [ llvm-config ];
environment.systemPackages =
let
llvm = pkgs.llvm;
llvm-config = pkgs.writers.writeBashBin "llvm-config" ''
while [[ $# -gt 0 ]]; do
arg="$1"
case $arg in
--assertion-mode)
echo "OFF"
;;
--bindir)
echo "${getBin llvm}/bin"
;;
--libdir)
echo "${getLib llvm}/lib"
;;
--includedir)
echo "${getDev llvm}/include"
;;
--prefix)
echo "${llvm.out}"
;;
--src-root)
echo "/build/llvm";
;;
--obj-root)
echo "/build/llvm/build";
;;
--cmakedir)
echo "${getDev llvm}/lib/cmake/llvm"
;;
*)
echo "Unhandled argument '$arg' passed to dummy llvm-config!"
exit 1
esac
shift
done
'';
in
[ llvm-config ];
}

4
nixos/system/all/shell.nix
View file

@ -1,4 +1,2 @@
{ config, lib, ... }:
{
}
{ }

79
nixos/system/all/sshd-known-hosts-bootup.nix
View file

@ -3,47 +3,56 @@ with lib;
let
computers = {
workhorse = {
onionId = fileContents ../../private_assets/onion_id_workhorse;
publicKey =
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAII/I4JBA1HHTH2xsrEM7xtxkhRDE42lZcBrdBvN46WTx";
};
porani = {
onionId = fileContents ../../private_assets/onion_id_porani;
publicKey =
"ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBGFaTRGqMd/rKpyMUP6wVbgiWFOUvUV2qS/B5Xe02UUch/wxR4fTCY+vnzku5K0V/qqJpjYLgHotwZFqO/8lFu4=";
};
#workhorse = {
# onionId = fileContents ../../private_assets/onion_id_workhorse;
# publicKey =
# "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAII/I4JBA1HHTH2xsrEM7xtxkhRDE42lZcBrdBvN46WTx";
#};
#porani = {
# onionId = fileContents ../../private_assets/onion_id_porani;
# publicKey =
# "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBGFaTRGqMd/rKpyMUP6wVbgiWFOUvUV2qS/B5Xe02UUch/wxR4fTCY+vnzku5K0V/qqJpjYLgHotwZFqO/8lFu4=";
#};
};
in {
in
{
services.openssh.knownHosts = mapAttrs' (name:
{ onionId, publicKey, ... }: {
name = "${name}-init-ssh";
value = {
hostNames = [ onionId ];
inherit publicKey;
};
}) computers;
services.openssh.knownHosts = mapAttrs'
(name:
{ onionId, publicKey, ... }: {
name = "${name}-init-ssh";
value = {
hostNames = [ onionId ];
inherit publicKey;
};
})
computers;
environment.systemPackages = let
environment.systemPackages =
let
ssh = mapAttrsToList (name:
{ onionId, ... }:
pkgs.writers.writeDashBin "ssh-boot-to-${name}" ''
${pkgs.tor}/bin/torify ${pkgs.openssh}/bin/ssh root@${onionId} -p 23
'') computers;
ssh = mapAttrsToList
(name:
{ onionId, ... }:
pkgs.writers.writeDashBin "ssh-boot-to-${name}" ''
${pkgs.tor}/bin/torify ${pkgs.openssh}/bin/ssh root@${onionId} -p 23
'')
computers;
password = mapAttrsToList (name:
{ onionId, ... }:
pkgs.writers.writeDashBin "unlock-boot-${name}" ''
${pkgs.tor}/bin/torify ${pkgs.openssh}/bin/ssh root@${onionId} -p 23 '
echo -n "enter password : "
read password
echo "$password" > /crypt-ramfs/passphrase
'
'') computers;
password = mapAttrsToList
(name:
{ onionId, ... }:
pkgs.writers.writeDashBin "unlock-boot-${name}" ''
${pkgs.tor}/bin/torify ${pkgs.openssh}/bin/ssh root@${onionId} -p 23 '
echo -n "enter password : "
read password
echo "$password" > /crypt-ramfs/passphrase
'
'')
computers;
in ssh ++ password;
in
ssh ++ password;
}

34
nixos/system/all/syncthing.nix
View file

@ -5,23 +5,25 @@ with lib; {
guiAddress = lib.mkDefault "${config.networking.hostName}.private:8384";
declarative = {
overrideDevices = true;
devices = let
device = name: id: {
"${name}" = {
name = name;
id = id;
addresses =
[ "tcp://${name}.private:22000" "tcp://${name}.private:21027" ];
devices =
let
device = name: id: {
"${name}" = {
name = name;
id = id;
addresses =
[ "tcp://${name}.private:22000" "tcp://${name}.private:21027" ];
};
};
};
in (device "workhorse"
"AFSAKB6-JLH4QAS-DSRMPI3-6PVCIHF-IIAVLPC-STPNO3Y-YRDU5NW-QD445QI")
// (device "pepe"
"SZLXFW3-VTAC7UB-V2Z7CHE-3VZAYPL-6D72AK6-OCDMPZP-G4FPY5P-FL6ZVAG")
// (device "workout"
"DZOOAKG-GI2SVOS-QEVMFL7-TRHVTPQ-ADIJEVH-RH5WV3J-6M7MJHC-C53EOAC")
// (device "sterni"
"ZFNNKPD-ZSOAYJQ-VROXXDB-5MD3UTJ-GDCNTSQ-G5POVV3-UZG5HFT-CCAU3AD") // {
in
(device "workhorse"
"AFSAKB6-JLH4QAS-DSRMPI3-6PVCIHF-IIAVLPC-STPNO3Y-YRDU5NW-QD445QI")
// (device "pepe"
"SZLXFW3-VTAC7UB-V2Z7CHE-3VZAYPL-6D72AK6-OCDMPZP-G4FPY5P-FL6ZVAG")
// (device "workout"
"DZOOAKG-GI2SVOS-QEVMFL7-TRHVTPQ-ADIJEVH-RH5WV3J-6M7MJHC-C53EOAC")
// (device "sterni"
"ZFNNKPD-ZSOAYJQ-VROXXDB-5MD3UTJ-GDCNTSQ-G5POVV3-UZG5HFT-CCAU3AD") // {
"porani" = {
name = "porani";
id =

3
nixos/system/all/tinc.nix
View file

@ -7,7 +7,8 @@ let
sha256 = "0kczrr6dr5dmhx2kbanw46w6ig2v3w42rqhjanv87xhwkgw81l08";
};
in {
in
{
imports = [ ../../modules ];

3
nixos/system/desktop/audio.nix
View file

@ -11,7 +11,8 @@ let
"${pkgs.mixxx}/bin/mixxx --settingsPath ${config.users.users.mainUser.home}/music-library-free/mixxx";
mixxxFreeDesktop = library.desktopFile mixxxFreeBin { longName = "Mixxx"; };
in {
in
{
system.custom.audio = {
enable = true;

3
nixos/system/desktop/browser.nix
View file

@ -2,7 +2,8 @@
let
backupFolder = "~/desktop";
homeFolder = "/browsers";
in {
in
{
programs.custom.browser = {
enable = lib.mkDefault true;
configList = {

3
nixos/system/desktop/cachix.nix
View file

@ -7,7 +7,8 @@ let
filterCaches = key: value: value == "regular" && lib.hasSuffix ".nix" key;
imports = lib.mapAttrsToList toImport
(lib.filterAttrs filterCaches (builtins.readDir folder));
in {
in
{
inherit imports;
nix.binaryCaches = [ "https://cache.nixos.org/" ];
}

43
nixos/system/desktop/home-manager.nix
View file

@ -25,7 +25,8 @@ let
keysym u = u U udiaeresis Udiaeresis
keysym s = s S ssharp
'';
in {
in
{
imports = [
./home-manager/dunst.nix
@ -293,21 +294,22 @@ in {
};
environment.systemPackages = let
library = import ../../library { inherit pkgs lib; };
environment.systemPackages =
let
library = import ../../library { inherit pkgs lib; };
fixKeyboard = pkgs.writeScriptBin "fix-Keyboard" # sh
''
${pkgs.xorg.xmodmap}/bin/xmodmap ${xmodmapConfig}
'';
fixKeyboard = pkgs.writeScriptBin "fix-Keyboard" # sh
''
${pkgs.xorg.xmodmap}/bin/xmodmap ${xmodmapConfig}
'';
fixXhost = pkgs.writeScriptBin "fix-xhost" # sh
''
${pkgs.xorg.xhost}/bin/xhost + &> /dev/null
'';
fixXhost = pkgs.writeScriptBin "fix-xhost" # sh
''
${pkgs.xorg.xhost}/bin/xhost + &> /dev/null
'';
fixX = pkgs.writeScriptBin "fix-X" # sh
''
fixX = pkgs.writeScriptBin "fix-X" # sh
''
${fixKeyboard}/bin/fix-Keyboard
@ -324,12 +326,13 @@ in {
done
'';
in [
fixX
fixXhost
(library.desktopFile fixX { longName = "fix X"; })
fixKeyboard
(library.desktopFile fixKeyboard { longName = "fix keyboard"; })
];
in
[
fixX
fixXhost
(library.desktopFile fixX { longName = "fix X"; })
fixKeyboard
(library.desktopFile fixKeyboard { longName = "fix keyboard"; })
];
}

41
nixos/system/desktop/home-manager/spacemacs.nix
View file

@ -14,7 +14,8 @@ let
ticks = "\"''\"";
in {
in
{
environment.systemPackages = [
# needed for the SPC p g
@ -24,25 +25,27 @@ in {
];
# download git repositories into the home folder
systemd.services = let
clone = repository: folder: branch: {
enable = true;
wantedBy = [ "multi-user.target" ];
description = "clone ${repository} to ${folder}";
serviceConfig.User = userName;
unitConfig.ConditionPathExists = "!${folder}";
script = ''
${pkgs.git}/bin/git clone ${repository} --branch ${branch} ${folder}
'';
systemd.services =
let
clone = repository: folder: branch: {
enable = true;
wantedBy = [ "multi-user.target" ];
description = "clone ${repository} to ${folder}";
serviceConfig.User = userName;
unitConfig.ConditionPathExists = "!${folder}";
script = ''
${pkgs.git}/bin/git clone ${repository} --branch ${branch} ${folder}
'';
};
in
{
spacemacs-pull =
clone "https://github.com/syl20bnr/spacemacs" "${home}/.emacs.d" "master";
# todo move this to spacevim.nix
spacevim-pull =
clone "https://github.com/SpaceVim/SpaceVim.git" "${home}/.SpaceVim"
"master";
};
in {
spacemacs-pull =
clone "https://github.com/syl20bnr/spacemacs" "${home}/.emacs.d" "master";
# todo move this to spacevim.nix
spacevim-pull =
clone "https://github.com/SpaceVim/SpaceVim.git" "${home}/.SpaceVim"
"master";
};
home-manager.users."${user}" = {

60
nixos/system/desktop/home-manager/spacevim.nix
View file

@ -1,38 +1,40 @@
{ lib, pkgs, ... }: {
environment.systemPackages = let
spacevimRepo = pkgs.fetchgit {
url = "https://github.com/SpaceVim/SpaceVim.git";
rev = "9b354e05b4716b645ba6366e1265a5048a0c23d5";
sha256 = "1mn28hf857kp0jmbgd89cf5mk4dg53jcbqqrbr9zi3b854sa9ads";
};
environment.systemPackages =
let
spacevimRepo = pkgs.fetchgit {
url = "https://github.com/SpaceVim/SpaceVim.git";
rev = "9b354e05b4716b645ba6366e1265a5048a0c23d5";
sha256 = "1mn28hf857kp0jmbgd89cf5mk4dg53jcbqqrbr9zi3b854sa9ads";
};
vimRc = pkgs.writeText "vimrc" ''
" search/grep case insensitive
:set ignorecase
vimRc = pkgs.writeText "vimrc" ''
" search/grep case insensitive
:set ignorecase
" tabs should always be 2 spaces
set et ts=2 sts=2 sw=2
" tabs should always be 2 spaces
set et ts=2 sts=2 sw=2
" show Trailing Whitespaces
:set list listchars=tab:»·,trail:
" show Trailing Whitespaces
:set list listchars=tab:»·,trail:
" start spacevim
source ${spacevimRepo}/init.vim
" start spacevim
source ${spacevimRepo}/init.vim
" configure command cross
"":hi CursorLine cterm=NONE ctermbg=0 guibg=#073642
"":hi CursorColumn cterm=NONE ctermbg=0 guibg=#073642
""set cursorline
""set cursorcolumn
" configure command cross
"":hi CursorLine cterm=NONE ctermbg=0 guibg=#073642
"":hi CursorColumn cterm=NONE ctermbg=0 guibg=#073642
""set cursorline
""set cursorcolumn
" disable noisy indentLine
let g:indentLine_enabled = 0
'';
in [
" disable noisy indentLine
let g:indentLine_enabled = 0
'';
in
[
# vim
(pkgs.writers.writeDashBin "spacevim" ''
exec ${pkgs.neovim}/bin/nvim -u ${vimRc} "$@"
'')
];
# vim
(pkgs.writers.writeDashBin "spacevim" ''
exec ${pkgs.neovim}/bin/nvim -u ${vimRc} "$@"
'')
];
}

49
nixos/system/desktop/home-manager/xmonad.nix
View file

@ -9,31 +9,32 @@ let
nixCommands = { height, width }:
pkgs.writeText "NixCommands.hs" # haskell
''
module NixCommands where
''
module NixCommands where
nixStartIrc = "${pkgs.rxvt_unicode}/bin/urxvt -e irc"
nixStartAudacious = "${pkgs.audacious}/bin/audacious"
nixStartFlameshot = "${pkgs.flameshot}/bin/flameshot gui -p /share/"
nixInvertColors = "${pkgs.xcalib}/bin/xcalib -invert -alter"
nixStartRedshift = "${pkgs.redshift}/bin/redshift -O 6100 -g 0.9:0.9:0.9 -b 0.9"
nixResetRedshift = "${pkgs.redshift}/bin/redshift -x"
nixSetCursorImage = "${pkgs.xorg.xsetroot}/bin/xsetroot -cursor_name left_ptr"
nixSetBackground = "${pkgs.polygon-art.polygon-art}/bin/rings --height ${
toString height
} --width ${
toString width
} /dev/shm/background.png && ${pkgs.feh}/bin/feh --bg-scale /dev/shm/background.png"
nixStartAlbert = "${pkgs.albert}/bin/albert"
nixStartCopyq = "${pkgs.copyq}/bin/copyq"
nixShowCopyq = "${pkgs.copyq}/bin/copyq show"
nixStartTerminal = "${pkgs.rxvt_unicode}/bin/urxvtc"
nixAlsaRaiseVolume = "${pkgs.alsaUtils}/bin/amixer set Master 5%+"
nixAlsaLowerVolume = "${pkgs.alsaUtils}/bin/amixer set Master 5%-"
nixAlsaMute = "${pkgs.alsaUtils}/bin/amixer set Master toggle"
nixNotifySend = "${pkgs.libnotify}/bin/notify-send"
'';
in {
nixStartIrc = "${pkgs.rxvt_unicode}/bin/urxvt -e irc"
nixStartAudacious = "${pkgs.audacious}/bin/audacious"
nixStartFlameshot = "${pkgs.flameshot}/bin/flameshot gui -p /share/"
nixInvertColors = "${pkgs.xcalib}/bin/xcalib -invert -alter"
nixStartRedshift = "${pkgs.redshift}/bin/redshift -O 6100 -g 0.9:0.9:0.9 -b 0.9"
nixResetRedshift = "${pkgs.redshift}/bin/redshift -x"
nixSetCursorImage = "${pkgs.xorg.xsetroot}/bin/xsetroot -cursor_name left_ptr"
nixSetBackground = "${pkgs.polygon-art.polygon-art}/bin/rings --height ${
toString height
} --width ${
toString width
} /dev/shm/background.png && ${pkgs.feh}/bin/feh --bg-scale /dev/shm/background.png"
nixStartAlbert = "${pkgs.albert}/bin/albert"
nixStartCopyq = "${pkgs.copyq}/bin/copyq"
nixShowCopyq = "${pkgs.copyq}/bin/copyq show"
nixStartTerminal = "${pkgs.rxvt_unicode}/bin/urxvtc"
nixAlsaRaiseVolume = "${pkgs.alsaUtils}/bin/amixer set Master 5%+"
nixAlsaLowerVolume = "${pkgs.alsaUtils}/bin/amixer set Master 5%-"
nixAlsaMute = "${pkgs.alsaUtils}/bin/amixer set Master toggle"
nixNotifySend = "${pkgs.libnotify}/bin/notify-send"
'';
in
{
home-manager.users.mainUser = {
home.file.".xmonad/xmonad.hs".source = ./xmonad/Main.hs;

19
nixos/system/desktop/home-manager/xmonad/env.nix
View file

@ -1,12 +1,13 @@
{ pkgs ? import <nixpkgs> {
overlays = [
(self: super: {
haskellPackages = super.haskellPackages.override {
overrides = self: super: {
current-project = super.callPackage ./current-project.nix { };
overlays = [
(self: super: {
haskellPackages = super.haskellPackages.override {
overrides = self: super: {
current-project = super.callPackage ./current-project.nix { };
};
};
};
})
];
} }:
})
];
}
}:
pkgs.haskellPackages.current-project.env

5
nixos/system/desktop/home-manager/xmonad/lsp.nix
View file

@ -2,8 +2,9 @@
let
all-hies =
import (fetchTarball "https://github.com/infinisil/all-hies/tarball/master")
{ };
in pkgs.mkShell {
{ };
in
pkgs.mkShell {
buildInputs = with pkgs; [
haskellPackages.hoogle
haskellPackages.hindent

3
nixos/system/desktop/home-manager/xmonad/shell.nix
View file

@ -6,4 +6,5 @@ let
echo "# created by cabal2nix " > ${toString ./.}/current-project.nix
${pkgs.cabal2nix}/bin/cabal2nix . >> ${toString ./.}/current-project.nix
'';
in pkgs.mkShell { buildInputs = with pkgs; [ updateCabal cabal2nix ]; }
in
pkgs.mkShell { buildInputs = with pkgs; [ updateCabal cabal2nix ]; }

3
nixos/system/desktop/icecast.nix
View file

@ -13,7 +13,8 @@ let
mountPoint = "/radio.mp3";
maxListeners = 20;
in {
in
{
services.icecast = {
enable = true;

440
nixos/system/desktop/mail-stuff.nix
View file

@ -3,7 +3,8 @@ let
passcmd = id: "${pkgs.pass}/bin/pass ${id}";
ticks = "''";
in {
in
{
# Maildir <-> Server communication
# --------------------------------
# mbsync: MailDir <-> IMAP
@ -137,247 +138,254 @@ in {
text/html; ${pkgs.elinks}/bin/elinks -dump ; copiousoutput;
'';
home-manager.users.mainUser.home.file.".muttrc".text = let
home-manager.users.mainUser.home.file.".muttrc".text =
let
index_format = pkgs.writers.writeDash "index_format" ''
# http://www.mutt.org/doc/manual/#formatstrings
recipent="$(echo $1 | sed 's/[^,]*<\([^>]*\)[^,]*/ \1/g')"
echo "%4C %Z %?GI?%GI& ? %[%y-%m-%d %H:%M] %-20.20a %?M?(%3M)& ? %s %> $recipent %?g?%g?%"
'';
in ''
# gpg
set crypt_use_gpgme=yes
set crypt_autosign=yes
set crypt_verify_sig=yes
set crypt_replysign=yes
set crypt_replyencrypt=yes
set crypt_replysignencrypted=yes
index_format = pkgs.writers.writeDash "index_format" ''
# http://www.mutt.org/doc/manual/#formatstrings
recipent="$(echo $1 | sed 's/[^,]*<\([^>]*\)[^,]*/ \1/g')"
echo "%4C %Z %?GI?%GI& ? %[%y-%m-%d %H:%M] %-20.20a %?M?(%3M)& ? %s %> $recipent %?g?%g?%"
'';
in
''
# gpg
set crypt_use_gpgme=yes
set crypt_autosign=yes
set crypt_verify_sig=yes
set crypt_replysign=yes
set crypt_replyencrypt=yes
set crypt_replysignencrypted=yes
# mutt is not smart enough to see if I have a key or not
#set crypt_autoencrypt = yes
# mutt is not smart enough to see if I have a key or not
#set crypt_autoencrypt = yes
set pgp_check_gpg_decrypt_status_fd
set pgp_use_gpg_agent = yes
set pgp_self_encrypt = yes # needs default key
set pgp_default_key = 42AC51C9482D0834CF488AF1389EC2D64AC71EAC
set pgp_check_gpg_decrypt_status_fd
set pgp_use_gpg_agent = yes
set pgp_self_encrypt = yes # needs default key
set pgp_default_key = 42AC51C9482D0834CF488AF1389EC2D64AC71EAC
# read html mails
auto_view text/html
set mailcap_path = ~/.mailcap
# read html mails
auto_view text/html
set mailcap_path = ~/.mailcap
# notmuch
set nm_default_uri="notmuch://$HOME/Maildir" # path to the maildir
set nm_record = yes
set nm_record_tags = "-inbox me archive"
set virtual_spoolfile=yes # enable virtual folders
# notmuch
set nm_default_uri="notmuch://$HOME/Maildir" # path to the maildir
set nm_record = yes
set nm_record_tags = "-inbox me archive"
set virtual_spoolfile=yes # enable virtual folders
set sendmail=${
pkgs.writers.writeBash "msmtp" ''
${pkgs.coreutils}/bin/tee >(${pkgs.notmuch}/bin/notmuch insert --create-folder +sent) | \
${pkgs.msmtp}/bin/msmtpq "$@"
''
}
set sendmail=${
pkgs.writers.writeBash "msmtp" ''
${pkgs.coreutils}/bin/tee >(${pkgs.notmuch}/bin/notmuch insert --create-folder +sent) | \
${pkgs.msmtp}/bin/msmtpq "$@"
''
}
set from="contact@ingolf-wagner.de"
#alternates ^.*@ingolf-wagner\.de$ ^.*@.*\.r$
set use_from=yes
set envelope_from=yes
set reverse_name
set from="contact@ingolf-wagner.de"
#alternates ^.*@ingolf-wagner\.de$ ^.*@.*\.r$
set use_from=yes
set envelope_from=yes
set reverse_name
set sort=threads
set sort=threads
set index_format="${index_format} %r |"
folder-hook 'Discourse.*' 'set sort=reverse-date'
set index_format="${index_format} %r |"
folder-hook 'Discourse.*' 'set sort=reverse-date'
virtual-mailboxes "INBOX" "notmuch://?query=(tag:inbox or (tag:sent and not tag:archive)) AND NOT tag:muted AND NOT tag:list AND NOT tag:fraud AND NOT tag:junk"
virtual-mailboxes "Unread" "notmuch://?query=(tag:unread AND NOT tag:muted)"
virtual-mailboxes "Space left" "notmuch://?query=((tag:spaceleft OR tag:space-lef) AND NOT tag:muted)"
virtual-mailboxes "Sononym" "notmuch://?query=(tag:sononym AND NOT tag:muted)"
virtual-mailboxes "c-base" "notmuch://?query=(tag:cbase AND NOT tag:muted)"
virtual-mailboxes "shopping" "notmuch://?query=((tag:billing OR tag:shopping) AND NOT tag:muted)"
virtual-mailboxes "Immobilien" "notmuch://?query=(tag:immobilien AND NOT tag:muted)"
virtual-mailboxes "NixOS Github" "notmuch://?query=(tag:github AND tag:nixos AND NOT tag:muted)"
virtual-mailboxes "Discourse.all" "notmuch://?query=(tag:discourse AND NOT tag:muted)"
virtual-mailboxes "Discourse.development" "notmuch://?query=(tag:discourse AND tag:development AND NOT tag:muted)"
virtual-mailboxes "Discourse.announcements" "notmuch://?query=(tag:discourse AND tag:announcements AND NOT tag:muted)"
virtual-mailboxes "Discourse.links" "notmuch://?query=(tag:discourse AND tag:links AND NOT tag:muted)"
virtual-mailboxes "Discourse.games" "notmuch://?query=(tag:discourse AND tag:games AND NOT tag:muted)"
virtual-mailboxes "Discourse.meta" "notmuch://?query=(tag:discourse AND tag:meta AND NOT tag:muted)"
virtual-mailboxes "Discourse.events" "notmuch://?query=(tag:discourse AND tag:events AND NOT tag:muted)"
virtual-mailboxes "Flagged" "notmuch://?query=tag:flagged"
virtual-mailboxes "Archive" "notmuch://?query=tag:archive"
virtual-mailboxes "Sent" "notmuch://?query=tag:sent"
virtual-mailboxes "Fraud" "notmuch://?query=(tag:fraud)"
virtual-mailboxes "Junk" "notmuch://?query=(tag:junk)"
virtual-mailboxes "All" "notmuch://?query=*"
virtual-mailboxes "INBOX" "notmuch://?query=(tag:inbox or (tag:sent and not tag:archive)) AND NOT tag:muted AND NOT tag:list AND NOT tag:fraud AND NOT tag:junk"
virtual-mailboxes "Unread" "notmuch://?query=(tag:unread AND NOT tag:muted)"
virtual-mailboxes "Space left" "notmuch://?query=((tag:spaceleft OR tag:space-lef) AND NOT tag:muted)"
virtual-mailboxes "Sononym" "notmuch://?query=(tag:sononym AND NOT tag:muted)"
virtual-mailboxes "c-base" "notmuch://?query=(tag:cbase AND NOT tag:muted)"
virtual-mailboxes "shopping" "notmuch://?query=((tag:billing OR tag:shopping) AND NOT tag:muted)"
virtual-mailboxes "Immobilien" "notmuch://?query=(tag:immobilien AND NOT tag:muted)"
virtual-mailboxes "NixOS Github" "notmuch://?query=(tag:github AND tag:nixos AND NOT tag:muted)"
virtual-mailboxes "Discourse.all" "notmuch://?query=(tag:discourse AND NOT tag:muted)"
virtual-mailboxes "Discourse.development" "notmuch://?query=(tag:discourse AND tag:development AND NOT tag:muted)"
virtual-mailboxes "Discourse.announcements" "notmuch://?query=(tag:discourse AND tag:announcements AND NOT tag:muted)"
virtual-mailboxes "Discourse.links" "notmuch://?query=(tag:discourse AND tag:links AND NOT tag:muted)"
virtual-mailboxes "Discourse.games" "notmuch://?query=(tag:discourse AND tag:games AND NOT tag:muted)"
virtual-mailboxes "Discourse.meta" "notmuch://?query=(tag:discourse AND tag:meta AND NOT tag:muted)"
virtual-mailboxes "Discourse.events" "notmuch://?query=(tag:discourse AND tag:events AND NOT tag:muted)"
virtual-mailboxes "Flagged" "notmuch://?query=tag:flagged"
virtual-mailboxes "Archive" "notmuch://?query=tag:archive"
virtual-mailboxes "Sent" "notmuch://?query=tag:sent"
virtual-mailboxes "Fraud" "notmuch://?query=(tag:fraud)"
virtual-mailboxes "Junk" "notmuch://?query=(tag:junk)"
virtual-mailboxes "All" "notmuch://?query=*"
tag-transforms "junk" "k" \
"unread" "u" \
"replied" "" \
tag-transforms "junk" "k" \
"unread" "u" \
"replied" "" \
# notmuch bindings
bind index \\\\ noop
bind pager \\ noop
bind pager \\\\ noop
macro index \\\\ "<vfolder-from-query>" # looks up a hand made query
macro pager \\\\ "<vfolder-from-query>" # looks up a hand made query
# notmuch bindings
bind index \\\\ noop
bind pager \\ noop
bind pager \\\\ noop
macro index \\\\ "<vfolder-from-query>" # looks up a hand made query
macro pager \\\\ "<vfolder-from-query>" # looks up a hand made query
macro index + "<modify-labels>+flagged\n<sync-mailbox>" # tag as starred
macro pager + "<modify-labels>+flagged\n<sync-mailbox>" # tag as starred
macro index ! "<modify-labels>+flagged\n<sync-mailbox>" # tag as starred
macro pager ! "<modify-labels>+flagged\n<sync-mailbox>" # tag as starred
macro index - "<modify-labels>-flagged\n<sync-mailbox>" # tag as unstarred
macro pager - "<modify-labels>-flagged\n<sync-mailbox>" # tag as unstarred
macro index + "<modify-labels>+flagged\n<sync-mailbox>" # tag as starred
macro pager + "<modify-labels>+flagged\n<sync-mailbox>" # tag as starred
macro index ! "<modify-labels>+flagged\n<sync-mailbox>" # tag as starred
macro pager ! "<modify-labels>+flagged\n<sync-mailbox>" # tag as starred
macro index - "<modify-labels>-flagged\n<sync-mailbox>" # tag as unstarred
macro pager - "<modify-labels>-flagged\n<sync-mailbox>" # tag as unstarred
# Address Book
# ------------
set query_command="${pkgs.notmuch-addrlookup}/bin/notmuch-addrlookup --mutt '%s'"
# Address Book
# ------------
set query_command="${pkgs.notmuch-addrlookup}/bin/notmuch-addrlookup --mutt '%s'"
# keys bindings
# -------------
bind index d noop
bind index D noop
bind pager d noop
bind pager D noop
macro index D "<modify-labels-then-hide>-inbox -unread +deleted\n" # tag as deleted mail
macro index d "<modify-labels>-deleted\n" # tag as deleted mail
macro pager D "<modify-labels-then-hide>-inbox -unread +deleted\n" # tag as deleted mail
macro pager d "<modify-labels>-deleted\n" # tag as deleted mail
# keys bindings
# -------------
bind index d noop
bind index D noop
bind pager d noop
bind pager D noop
macro index D "<modify-labels-then-hide>-inbox -unread +deleted\n" # tag as deleted mail
macro index d "<modify-labels>-deleted\n" # tag as deleted mail
macro pager D "<modify-labels-then-hide>-inbox -unread +deleted\n" # tag as deleted mail
macro pager d "<modify-labels>-deleted\n" # tag as deleted mail
bind index S noop
bind index s noop
bind pager S noop
bind pager s noop
macro index S "<modify-labels-then-hide>-inbox -unread +junk\n" # tag as junk mail
macro index s "<modify-labels>-junk\n" # tag as junk mail
macro pager S "<modify-labels-then-hide>-inbox -unread +junk\n" # tag as junk mail
macro pager s "<modify-labels>-junk\n" # tag as junk mail
bind index S noop
bind index s noop
bind pager S noop
bind pager s noop
macro index S "<modify-labels-then-hide>-inbox -unread +junk\n" # tag as junk mail
macro index s "<modify-labels>-junk\n" # tag as junk mail
macro pager S "<modify-labels-then-hide>-inbox -unread +junk\n" # tag as junk mail
macro pager s "<modify-labels>-junk\n" # tag as junk mail
bind index r noop
bind index R noop
bind pager r noop
bind pager R noop
macro index r "<group-reply>" # reply to all
macro index R "<reply>" # reply
macro pager r "<group-reply>" # reply to all
macro pager R "<reply>" # reply
bind index r noop
bind index R noop
bind pager r noop
bind pager R noop
macro index r "<group-reply>" # reply to all
macro index R "<reply>" # reply
macro pager r "<group-reply>" # reply to all
macro pager R "<reply>" # reply
bind index A noop
bind index a noop
bind pager A noop
bind pager a noop
macro index A "<modify-labels>+archive -unread -inbox\n" # tag as Archived
macro index a "<modify-labels>-archive\n" # tag as Archived
macro pager A "<modify-labels>+archive -unread -inbox\n" # tag as Archived
macro pager a "<modify-labels>-archive\n" # tag as Archived
bind index A noop
bind index a noop
bind pager A noop
bind pager a noop
macro index A "<modify-labels>+archive -unread -inbox\n" # tag as Archived
macro index a "<modify-labels>-archive\n" # tag as Archived
macro pager A "<modify-labels>+archive -unread -inbox\n" # tag as Archived
macro pager a "<modify-labels>-archive\n" # tag as Archived
bind index U noop
bind index u noop
bind pager U noop
bind pager u noop
macro index u "<modify-labels>+unread\n"
macro index U "<modify-labels>-unread\n"
macro pager u "<modify-labels>+unread\n"
macro pager U "<modify-labels>-unread\n"
bind index U noop
bind index u noop
bind pager U noop
bind pager u noop
macro index u "<modify-labels>+unread\n"
macro index U "<modify-labels>-unread\n"
macro pager u "<modify-labels>+unread\n"
macro pager U "<modify-labels>-unread\n"
bind index l noop
bind pager l noop
macro index l "<modify-labels>" # set tags manual
macro pager l "<modify-labels>" # set tags manual
bind index l noop
bind pager l noop
macro index l "<modify-labels>" # set tags manual
macro pager l "<modify-labels>" # set tags manual
# taskwarrior
# -----------
# from https://www.nixternal.com/mark-e-mails-in-mutt-as-tasks-in-taskwarrior/
bind index t noop
bind pager t noop
bind index T noop
bind pager T noop
macro index T "<pipe-message>${
pkgs.writers.writeDash "mutt2task" ''
${pkgs.taskwarrior}/bin/task add +email scheduled:today E-mail: $( ${pkgs.gnugrep}/bin/grep 'Subject' $* | awk -F: '{print $2}' )
''
}<enter>"
# taskwarrior
# -----------
# from https://www.nixternal.com/mark-e-mails-in-mutt-as-tasks-in-taskwarrior/
bind index t noop
bind pager t noop
bind index T noop
bind pager T noop
macro index T "<pipe-message>${
pkgs.writers.writeDash "mutt2task" ''
${pkgs.taskwarrior}/bin/task add +email scheduled:today E-mail: $( ${pkgs.gnugrep}/bin/grep 'Subject' $* | awk -F: '{print $2}' )
''
}<enter>"
# top index bar in email view
set pager_index_lines=7
# top_index_bar toggle
macro pager ,@1 "<enter-command> set pager_index_lines=0; macro pager ] ,@2 'Toggle indexbar<Enter>"
macro pager ,@2 "<enter-command> set pager_index_lines=3; macro pager ] ,@3 'Toggle indexbar<Enter>"
macro pager ,@3 "<enter-command> set pager_index_lines=7; macro pager ] ,@1 'Toggle indexbar<Enter>"
macro pager ] ,@1 'Toggle indexbar
# top index bar in email view
set pager_index_lines=7
# top_index_bar toggle
macro pager ,@1 "<enter-command> set pager_index_lines=0; macro pager ] ,@2 'Toggle indexbar<Enter>"
macro pager ,@2 "<enter-command> set pager_index_lines=3; macro pager ] ,@3 'Toggle indexbar<Enter>"
macro pager ,@3 "<enter-command> set pager_index_lines=7; macro pager ] ,@1 'Toggle indexbar<Enter>"
macro pager ] ,@1 'Toggle indexbar
# sidebar
# -------
set sidebar_width = 20
set sidebar_visible = yes # set to "no" to disable sidebar view at startup
color sidebar_new yellow default
# sidebar bindings
bind index <left> sidebar-prev # got to previous folder in sidebar
bind index <right> sidebar-next # got to next folder in sidebar
bind index <space> sidebar-open # open selected folder from sidebar
# sidebar
# -------
set sidebar_width = 20
set sidebar_visible = yes # set to "no" to disable sidebar view at startup
color sidebar_new yellow default
# sidebar bindings
bind index <left> sidebar-prev # got to previous folder in sidebar
bind index <right> sidebar-next # got to next folder in sidebar
bind index <space> sidebar-open # open selected folder from sidebar
# sidebar toggle
#macro index,pager ,@) "<enter-command> set sidebar_visible=no; macro index,pager [ ,@( 'Toggle sidebar'<Enter>"
#macro index,pager ,@( "<enter-command> set sidebar_visible=yes; macro index,pager [ ,@) 'Toggle sidebar'<Enter>"
#macro index,pager [ ,@( 'Toggle sidebar' # toggle the sidebar
'';
environment.systemPackages = let
mailSync = pkgs.writers.writeDashBin "mail-sync" ''
${pkgs.muchsync}/bin/muchsync mailfetcher@workhorse.private --nonew
'';
mailSend = pkgs.writers.writeDashBin "mail-send" ''
${pkgs.msmtp}/bin/msmtp-queue -r
'';
mailView = pkgs.writers.writeDashBin "mail-view" ''
${pkgs.neomutt}/bin/neomutt"$@"
'';
mutt = pkgs.writers.writeDashBin "mutt" ''
${pkgs.neomutt}/bin/neomutt"$@"
'';
mail = pkgs.writers.writeDashBin "mail" ''
${mailSync}/bin/mail-sync
${mailView}/bin/mail-view
${mailSend}/bin/mail-send
${mailSync}/bin/mail-sync
'';
mailDelete = let notmuch = "${pkgs.notmuch}/bin/notmuch";
in pkgs.writers.writeBashBin "mail-delete" ''
set -efu
set -o pipefail
if ! ${notmuch} search --exclude=false tag:deleted | tac ; then
echo 'No killed mail.'
exit 1
fi
printf 'want do rm this mail? \[y/N\] '
read REPLY
case "$REPLY" in
y|Y) :;; # continue
*)
echo 'abort.'
exit 2
;;
esac
${notmuch} search --output=files --exclude=false tag:deleted | while read line; do rm -v "$line" ; done
${notmuch} new
# sidebar toggle
#macro index,pager ,@) "<enter-command> set sidebar_visible=no; macro index,pager [ ,@( 'Toggle sidebar'<Enter>"
#macro index,pager ,@( "<enter-command> set sidebar_visible=yes; macro index,pager [ ,@) 'Toggle sidebar'<Enter>"
#macro index,pager [ ,@( 'Toggle sidebar' # toggle the sidebar
'';
in [
pkgs.notmuch
pkgs.muchsync
mail
mailSync
mailView
mailSend
pkgs.neomutt
mutt
mailDelete
];
environment.systemPackages =
let
mailSync = pkgs.writers.writeDashBin "mail-sync" ''
${pkgs.muchsync}/bin/muchsync mailfetcher@workhorse.private \
--config /home/mailfetcher/.config/notmuch/notmuchrc \
--nonew
'';
mailSend = pkgs.writers.writeDashBin "mail-send" ''
${pkgs.msmtp}/bin/msmtp-queue -r
'';
mailView = pkgs.writers.writeDashBin "mail-view" ''
${pkgs.neomutt}/bin/neomutt"$@"
'';
mutt = pkgs.writers.writeDashBin "mutt" ''
${pkgs.neomutt}/bin/neomutt"$@"
'';
mail = pkgs.writers.writeDashBin "mail" ''
${mailSync}/bin/mail-sync
${mailView}/bin/mail-view
${mailSend}/bin/mail-send
${mailSync}/bin/mail-sync
'';
mailDelete =
let notmuch = "${pkgs.notmuch}/bin/notmuch";
in pkgs.writers.writeBashBin "mail-delete" ''
set -efu
set -o pipefail
if ! ${notmuch} search --exclude=false tag:deleted | tac ; then
echo 'No killed mail.'
exit 1
fi
printf 'want do rm this mail? \[y/N\] '
read REPLY
case "$REPLY" in
y|Y) :;; # continue
*)
echo 'abort.'
exit 2
;;
esac
${notmuch} search --output=files --exclude=false tag:deleted | while read line; do rm -v "$line" ; done
${notmuch} new
'';
in
[
pkgs.notmuch
pkgs.muchsync
mail
mailSync
mailView
mailSend
pkgs.neomutt
mutt
mailDelete
];
}

3
nixos/system/desktop/mc.nix
View file

@ -320,7 +320,8 @@ let
'';
in {
in
{
environment.systemPackages = [
(pkgs.symlinkJoin {
name = "mc";

70
nixos/system/desktop/packages.nix
View file

@ -6,12 +6,14 @@ let
library = import ../../library { inherit pkgs lib; };
allLicenses = let
licenses = builtins.map
(license: "echo '${license.shortName} : ${license.fullName}'")
(builtins.attrValues pkgs.lib.licenses);
in pkgs.writers.writeBashBin "all-licenses"
(lib.concatStringsSep "\n" licenses);
allLicenses =
let
licenses = builtins.map
(license: "echo '${license.shortName} : ${license.fullName}'")
(builtins.attrValues pkgs.lib.licenses);
in
pkgs.writers.writeBashBin "all-licenses"
(lib.concatStringsSep "\n" licenses);
#joplin = pkgs.joplin-desktop;
#joplin = pkgs.joplin-desktop;
@ -72,35 +74,35 @@ let
connectToSpeaker = name: id:
pkgs.writeShellScriptBin "connect-to-speaker-${name}" # sh
''
# hacky script because I have problems with
# automatically connecting to trusted bluetooth devices.
''
# hacky script because I have problems with
# automatically connecting to trusted bluetooth devices.
echo "Connect to Speaker ${name}"
echo "Connect to Speaker ${name}"
bluetoothctl <<EOF
power on
agent on
scan on
connect ${id}
EOF
'';
bluetoothctl <<EOF
power on
agent on
scan on
connect ${id}
EOF
'';
disconnectToSpeaker = name: id:
pkgs.writeShellScriptBin "disconnect-from-speaker-${name}" # sh
''
# hacky script because I have problems with
# automatically connecting to trusted bluetooth devices.
''
# hacky script because I have problems with
# automatically connecting to trusted bluetooth devices.
echo "Disconnect from Speaker ${name}"
echo "Disconnect from Speaker ${name}"
bluetoothctl <<EOF
disconnect ${id}
scan off
agent off
power off
EOF
'';
bluetoothctl <<EOF
disconnect ${id}
scan off
agent off
power off
EOF
'';
borrow = pkgs.writers.writeDashBin "borrow" # sh
''
@ -120,9 +122,9 @@ let
bank-old = year:
pkgs.writers.writeDashBin "bank-${year}" # sh
''
TERM=xterm-mono ${pkgs.hledger-ui}/bin/hledger-ui --file ~/finance/hledger/${year}.journal "$@"
'';
''
TERM=xterm-mono ${pkgs.hledger-ui}/bin/hledger-ui --file ~/finance/hledger/${year}.journal "$@"
'';
irc = pkgs.writers.writeDashBin "irc" # sh
''
@ -161,7 +163,8 @@ let
mv "$TMP" "$input"
'';
in {
in
{
# ffmpeg scripts to encode movies
programs.custom.ffmpeg.enable = true;
@ -179,7 +182,8 @@ in {
connectToBrullrohre = connectToSpeaker "brullrohre" "FC:A8:9A:ED:B8:FA";
disconnectToBrullrohre =
disconnectToSpeaker "brullrohre" "FC:A8:9A:ED:B8:FA";
in [
in
[
uget
#zettlr

3
nixos/system/desktop/pass.nix
View file

@ -24,7 +24,8 @@ let
'';
};
in {
in
{
environment.systemPackages = [
pkgs.pass-otp

3
nixos/system/desktop/size.nix
View file

@ -6,7 +6,8 @@ let
cfg = config.configuration.desktop;
in {
in
{
options.configuration.desktop = {
height = mkOption {

18
nixos/system/desktop/suspend.nix
View file

@ -4,7 +4,8 @@ with lib;
let
cfg = config.system.custom.suspend;
in {
in
{
options.system.custom.suspend.enable = mkEnableOption "use xlock in suspend";
@ -13,12 +14,15 @@ in {
systemd.services.screenlock = {
before = [ "sleep.target" ];
requiredBy = [ "sleep.target" ];
environment = let
display = if (config.services.xserver.display != null) then
config.services.xserver.display
else
0;
in { DISPLAY = ":${toString display}"; };
environment =
let
display =
if (config.services.xserver.display != null) then
config.services.xserver.display
else
0;
in
{ DISPLAY = ":${toString display}"; };
script = ''
${pkgs.xlockmore}/bin/xlock -mode life1d -size 1 &
sleep 1

68
nixos/system/desktop/wtf.nix
View file

@ -1,38 +1,40 @@
{ pkgs, lib, config, ... }:
let
networkStatus = let
networkStatus =
let
q-online = ''
if ${pkgs.curl}/bin/curl -s google.com >/dev/null; then
echo 'status: online'
else
echo 'status: offline '
fi
q-online = ''
if ${pkgs.curl}/bin/curl -s google.com >/dev/null; then
echo 'status: online'
else
echo 'status: offline '
fi
'';
q-wireless = ''
for dev in $(
${pkgs.iw}/bin/iw dev \
| ${pkgs.gnused}/bin/sed -n 's/^\s*Interface\s\+\([0-9a-z]\+\)$/\1/p'
); do
inet=$(${pkgs.iproute}/bin/ip addr show $dev \
| ${pkgs.gnused}/bin/sed -n 's/.*inet \([0-9]\+\.[0-9]\+\.[0-9]\+\.[0-9]\+\).*/\1/p') \
|| unset inet
ssid=$(${pkgs.iw}/bin/iw dev $dev link \
| ${pkgs.gnused}/bin/sed -n 's/.*\tSSID: \(.*\)/\1/p' \
| ${pkgs.coreutils}/bin/tr -d '\r') \
|| unset ssid
printf '%s: %s %s\n' $dev ''${inet+ $inet} ''${ssid+ $ssid}
done
'';
in
pkgs.writers.writeBash "network-status" ''
${q-wireless}
${q-online}
${pkgs.coreutils}/bin/uptime
'';
q-wireless = ''
for dev in $(
${pkgs.iw}/bin/iw dev \
| ${pkgs.gnused}/bin/sed -n 's/^\s*Interface\s\+\([0-9a-z]\+\)$/\1/p'
); do
inet=$(${pkgs.iproute}/bin/ip addr show $dev \
| ${pkgs.gnused}/bin/sed -n 's/.*inet \([0-9]\+\.[0-9]\+\.[0-9]\+\.[0-9]\+\).*/\1/p') \
|| unset inet
ssid=$(${pkgs.iw}/bin/iw dev $dev link \
| ${pkgs.gnused}/bin/sed -n 's/.*\tSSID: \(.*\)/\1/p' \
| ${pkgs.coreutils}/bin/tr -d '\r') \
|| unset ssid
printf '%s: %s %s\n' $dev ''${inet+ $inet} ''${ssid+ $ssid}
done
'';
in pkgs.writers.writeBash "network-status" ''
${q-wireless}
${q-online}
${pkgs.coreutils}/bin/uptime
'';
taskNextWeek = pkgs.writers.writeDash "taskweek" ''
${pkgs.taskwarrior}/bin/task \
export \
@ -57,7 +59,7 @@ let
userHighlight = map ({ user, ... }: user)
(builtins.attrValues config.programs.custom.browser.configList)
++ [ "steam" ];
++ [ "steam" ];
activeUsers = pkgs.writers.writeBash "active-users" ''
${pkgs.procps}/bin/ps -eo user \
@ -80,7 +82,8 @@ let
position.height = height;
position.width = width;
} // (lib.filterAttrs
(key: _: lib.all (x: x != key) [ "height" "width" "top" "left" ]) args);
(key: _: lib.all (x: x != key) [ "height" "width" "top" "left" ])
args);
# command runner module
cmdRunner = args@{ cmd, ... }:
@ -386,7 +389,8 @@ let
${pkgs.unstable.wtf}/bin/wtfutil --config=${toString configuration}
'';
in {
in
{
services.upower.enable = true;

3
nixos/system/desktop/xlock.nix
View file

@ -30,7 +30,8 @@ let
${pkgs.xlockmore}/bin/xlock -mode life1d -size 1
'';
in {
in
{
environment.systemPackages = [ lockProgram desktopFile ];
}

51
nixos/system/server/initssh.nix
View file

@ -6,7 +6,8 @@ let
cfg = config.configuration.init-ssh;
in {
in
{
options.configuration.init-ssh = {
@ -22,7 +23,7 @@ in {
};
port = mkOption {
default = 23;
default = 22;
type = with types; int;
};
@ -30,7 +31,7 @@ in {
type = with types; listOf str;
default = config.users.users.root.openssh.authorizedKeys.keys
++ (map (keyFile: lib.fileContents keyFile)
config.users.users.root.openssh.authorizedKeys.keyFiles);
config.users.users.root.openssh.authorizedKeys.keyFiles);
};
hostKey = mkOption {
default = "/etc/ssh/ssh_host_ed25519_key";
@ -50,7 +51,7 @@ in {
services.tor = {
enable = true;
client.enable = true;
relay.onionServices.bootup.map = [{ port = 23; }];
relay.onionServices.bootup.map = [{ port = 22; }];
};
})
@ -65,28 +66,30 @@ in {
copy_bin_and_libs ${pkgs.tor}/bin/tor
'';
boot.initrd.network.postCommands = let
torRc = (pkgs.writeText "tor.rc" ''
DataDirectory /etc/tor
SOCKSPort 127.0.0.1:9050 IsolateDestAddr
SOCKSPort 127.0.0.1:9063
HiddenServiceDir /etc/tor/onion/bootup
HiddenServicePort ${toString cfg.port} 127.0.0.1:${toString cfg.port}
'');
in ''
echo "tor: preparing onion folder"
# have to do this otherwise tor does not want to start
chmod -R 700 /etc/tor
boot.initrd.network.postCommands =
let
torRc = (pkgs.writeText "tor.rc" ''
DataDirectory /etc/tor
SOCKSPort 127.0.0.1:9050 IsolateDestAddr
SOCKSPort 127.0.0.1:9063
HiddenServiceDir /etc/tor/onion/bootup
HiddenServicePort ${toString cfg.port} 127.0.0.1:${toString cfg.port}
'');
in
''
echo "tor: preparing onion folder"
# have to do this otherwise tor does not want to start
chmod -R 700 /etc/tor
echo "make sure localhost is up"
ip a a 127.0.0.1/8 dev lo
# ifconfig lo up
ip link set lo up
echo "make sure localhost is up"
ip a a 127.0.0.1/8 dev lo
# ifconfig lo up
ip link set lo up
echo "tor: starting tor"
tor -f ${torRc} --verify-config
tor -f ${torRc} &
'';
echo "tor: starting tor"
tor -f ${torRc} --verify-config
tor -f ${torRc} &
'';
# ssh setup
# todo add the ssh host fingerprint to your trusted stuff

24
nixos/system/server/packages.nix
View file

@ -1,16 +1,20 @@
{ pkgs, config, lib, ... }: {
# no need to to start a service
environment.systemPackages = let
environment.systemPackages =
let
nginxShowConfig = pkgs.writers.writePython3Bin "nginx-show-config" {
flakeIgnore = [ "E265" "E225" "W292" ];
} (lib.fileContents ../../assets/nginx-show-config.sh);
in [
pkgs.mosh
nginxShowConfig = pkgs.writers.writePython3Bin "nginx-show-config"
{
flakeIgnore = [ "E265" "E225" "W292" ];
}
(lib.fileContents ../../assets/nginx-show-config.sh);
in
[
pkgs.mosh
# nginxfmt
pkgs.nginx-config-formatter
nginxShowConfig
];
# nginxfmt
pkgs.nginx-config-formatter
nginxShowConfig
];
}