components refactorings

flake.nix

@@ -146,9 +146,9 @@
           meta = {
             nixpkgs = import nixpkgs {
               system = "x86_64-linux";
+              config.allowUnfree = true;
               overlays = [
                 (_self: _super: {
-                  # we assign the overlay created before to the overlays of nixpkgs.
                   unstable = import nixpkgs-unstable {
                     inherit system;
                     config.allowUnfree = true;
@@ -158,7 +158,6 @@
                   landingpage = landingpage.packages.${pkgs.system}.plain;
                   trilium-server = nixpkgs-unstable.legacyPackages.${pkgs.system}.trilium-server;
                   kmonad = kmonad.packages.${pkgs.system}.kmonad;
-
                 })
               ];
             };
@@ -211,11 +210,13 @@
           cream = { name, nodes, pkgs, ... }: {
             deployment.allowLocalDeployment = true;
             deployment.targetHost = "${name}.private";
+            #deployment.targetHost = "localhost";
             deployment.tags = [ "desktop" "online" "private" ];
             imports = [
               grocy-scanner.nixosModule
               nixos-hardware.nixosModules.framework-12th-gen-intel
               private_assets.nixosModules.jobrad
+              retiolum.nixosModules.retiolum
             ];
 
             home-manager.users.mainUser = {

nixos/components/gui/bugwarriorc.toml

@@ -0,0 +1,29 @@
+[general]
+targets = terranix, github_private
+static_fields = priority
+log.level = INFO
+
+[terranix]
+service = github
+github.login = mrVanDalo
+github.token = @oracle:eval:/nix/store/zhs5nd260m8s9nn8w4y9v8isfvclq9i3-password-store-1.7.4/bin/pass development/github/mrVanDalo/bugwarriorAccessToken
+github.username = mrVanDalo
+github.default_priority =
+github.description_template = {{githubtitle}} {{githuburl}}
+github.add_tags = github
+github.project_name = terranix
+github.involved_issues = True
+github.query = org:terranix is:open
+github.include_user_issues = False
+github.include_user_repos = False
+
+[github_private]
+service = github
+github.login = mrVanDalo
+github.token = @oracle:eval:/nix/store/zhs5nd260m8s9nn8w4y9v8isfvclq9i3-password-store-1.7.4/bin/pass development/github/mrVanDalo/bugwarriorAccessToken
+github.username = mrVanDalo
+github.description_template = {{githubtitle}} {{githuburl}}
+github.add_tags = github
+github.involved_issues = True
+github.include_user_issues = True
+github.include_user_repos = True

nixos/components/gui/default.nix

@@ -14,6 +14,7 @@ with lib;
     ./pass.nix
     ./audio.nix
     ./kmonad.nix
+    ./taskwarrior.nix
   ];
 
   config = mkIf config.components.gui.enable {

nixos/components/gui/home-manager/default.nix

@@ -9,7 +9,7 @@ with lib;
     ./i3.nix
   ];
 
-  config = lib.mkIf config.components.gui.enable {
+  config = mkIf config.components.gui.enable {
 
     # don't run autoload -U compinit && compinit before ~/.zshrc
     programs.zsh.enableGlobalCompInit = false;
@@ -56,38 +56,6 @@ with lib;
         defaultKeymap = "viins";
       };
 
-      home.file.".config/bugwarrior/bugwarriorrc".text = ''
-        [general]
-        targets = terranix, github_private
-        static_fields = priority
-        log.level = INFO
-
-        [terranix]
-        service = github
-        github.login = mrVanDalo
-        github.token = @oracle:eval:${pkgs.pass}/bin/pass development/github/mrVanDalo/bugwarriorAccessToken
-        github.username = mrVanDalo
-        github.default_priority =
-        github.description_template = {{githubtitle}} {{githuburl}}
-        github.add_tags = github
-        github.project_name = terranix
-        github.involved_issues = True
-        github.query = org:terranix is:open
-        github.include_user_issues = False
-        github.include_user_repos = False
-
-        [github_private]
-        service = github
-        github.login = mrVanDalo
-        github.token = @oracle:eval:${pkgs.pass}/bin/pass development/github/mrVanDalo/bugwarriorAccessToken
-        github.username = mrVanDalo
-        github.description_template = {{githubtitle}} {{githuburl}}
-        github.add_tags = github
-        github.involved_issues = True
-        github.include_user_issues = True
-        github.include_user_repos = True
-      '';
-
       xdg.configFile."ncmpcpp/config".text = ''
         mpd_host = "pepe.private"
         mpd_port = 6600

nixos/components/gui/taskwarrior.nix

@@ -0,0 +1,43 @@
+{ config, pkgs, lib, ... }:
+with lib;
+{
+  options.components.gui.taskwarrior.enable = mkOption {
+    type = lib.types.bool;
+    default = config.components.gui.enable;
+  };
+
+  config = mkIf (config.components.gui.taskwarrior.enable) {
+
+    environment.systemPackages = with pkgs; [
+
+      unstable.taskwarrior-tui
+      taskwarrior
+      timewarrior
+      tasksh
+      (pkgs.writeShellScriptBin "tsak" ''${pkgs.taskwarrior}/bin/task "$@"'')
+
+      (pkgs.writers.writeBashBin "calendar" ''
+        ${pkgs.taskwarrior}/bin/task calendar
+        ${pkgs.taskwarrior}/bin/task calendar_report
+      '')
+
+      unstable.vit
+      (pkgs.writers.writeBashBin "active" "${vit}/bin/vit active")
+      (pkgs.writers.writeBashBin "todo" "${vit}/bin/vit todo")
+
+      taskwarrior-hooks
+      vdirsyncer
+      khal
+      (pkgs.writers.writeBashBin "kalendar" ''
+        ${pkgs.vdirsyncer}/bin/vdirsyncer sync
+        ${pkgs.khal}/bin/ikhal
+      '')
+
+      python3Packages.bugwarrior
+    ];
+
+    home-manager.users.mainUser.home.file.".config/bugwarrior/bugwarriorrc".source = ./bugwarriorc.toml;
+
+  };
+
+}

nixos/components/network/avahi.nix

@@ -0,0 +1,23 @@
+{ ... }:
+{
+
+  # true => ping chungus  working
+  # false => ping chungus  not working
+  services.resolved = {
+    llmnr = "false";
+    #extraConfig = "mDNS=false";
+  };
+
+  #systemd.services.systemd-resolved.serviceConfig.Environment = "SYSTEMD_LOG_LEVEL=debug";
+
+  #services.avahi.enable = false;
+  services.avahi = {
+    enable = true;
+    nssmdns = true;
+    extraConfig = ''
+      [server]
+      disallow-other-stacks=yes
+    '';
+    interfaces = [ "tinc.private" ];
+  };
+}

nixos/components/network/bind9.nix

@@ -0,0 +1,16 @@
+{ ... }:
+{
+  services.bind = {
+    enable = false;
+    zones = {
+      private = {
+        name = "*.private";
+        extraConfig = "";
+        file = "/var/dns/tinc.private";
+        master = true;
+        #masters = [ "192.168.0.1" ];
+        #slaves = [ ];
+      };
+    };
+  };
+}

nixos/components/network/default.nix

@@ -14,6 +14,8 @@ with types;
     ./tinc
     ./hosts.nix
     ./wifi.nix
+    #./avahi.nix
+    #./bind9.nix
   ];
 
   config = mkIf config.components.network.enable { };

nixos/components/network/hosts.nix

@@ -1,5 +1,5 @@
 {
-  networking.extraHosts = ''
-    144.76.13.147 robi
-  '';
+  #networking.extraHosts = ''
+  #  144.76.13.147 robi
+  #'';
 }

nixos/components/terminal/default.nix

@@ -10,6 +10,7 @@ with lib;
     ./hoard.nix
     ./remote-install.nix
     ./wtf.nix
+    ./git.nix
   ];
 
   config = mkIf config.components.terminal.enable {

nixos/components/terminal/git.nix

@@ -0,0 +1,31 @@
+{ config, pkgs, lib, ... }:
+with lib;
+{
+  options.components.terminal.git.enable = mkOption {
+    type = lib.types.bool;
+    default = config.components.terminal.enable;
+  };
+
+  config = mkIf (config.components.terminal.git.enable) {
+
+
+    environment.systemPackages = with pkgs; [
+      git
+      gita
+      tig
+      lazygit
+      git-crypt
+      gitAndTools.gitflow
+      gitAndTools.gitSVN
+      gitAndTools.git2cl
+
+      # merge tools
+      meld
+
+      # activate using :
+      # git config --global core.pager "diff-so-fancy | less --tabs=4 -RFX"
+      gitAndTools.diff-so-fancy
+    ];
+  };
+}
+

nixos/machines/cream/configuration.nix

@@ -9,8 +9,9 @@
     ./hardware-configuration.nix
     ./packages.nix
     ./syncthing.nix
-    ./tinc.nix
     ./cups.nix
+    ./tinc.nix
+    ./tinc_retiolum.nix
 
     #./wifi-access-point.nix
     #./wireshark.nix

nixos/machines/cream/packages.nix

@@ -17,7 +17,8 @@ in
 {
   environment.systemPackages = with pkgs; [
 
-    kmonad
+    easytag
+    dconf
 
     ((ganttproject-bin.override {
       jre = pkgs.openjdk11;

nixos/machines/cream/tinc_retiolum.nix

@@ -0,0 +1,15 @@
+{ config, ... }:
+{
+  sops.secrets.tinc_retiolum_ed25519_key = { };
+  sops.secrets.tinc_retiolum_rsa_key = { };
+
+  networking.retiolum.port = 720;
+  networking.retiolum.nodename = "sol";
+
+  services.tinc.networks.retiolum = {
+
+    ed25519PrivateKeyFile = config.sops.secrets.tinc_retiolum_ed25519_key.path;
+    rsaPrivateKeyFile = config.sops.secrets.tinc_retiolum_rsa_key.path;
+
+  };
+}

nixos/modules/default.nix

@@ -16,17 +16,17 @@
     ./programs/browser.nix
     ./programs/citate.nix
     ./programs/curl-scripts.nix
-    ./programs/easytag.nix
-    ./programs/elm.nix
+    #./programs/easytag.nix
+    #./programs/elm.nix
     ./programs/espeak.nix
-    ./programs/ffmpeg.nix
-    ./programs/git.nix
+    #./programs/ffmpeg.nix
+    #./programs/git.nix
     ./programs/shell-bash.nix
     ./programs/shell-tools.nix
     ./programs/shell-zsh.nix
-    ./programs/slack.nix
+    #./programs/slack.nix
     ./programs/steam.nix
-    ./programs/taskwarrior.nix
+    #./programs/taskwarrior.nix
     ./programs/urxvt.nix
     ./programs/video.nix
     ./programs/vim.nix

nixos/modules/programs/easytag.nix

@@ -1,19 +0,0 @@
-{ config, pkgs, lib, ... }:
-
-with lib;
-
-let
-
-  cfg = config.programs.custom.easytag;
-
-in
-{
-
-  options.programs.custom.easytag.enable =
-    mkEnableOption "install easytag with dependencies";
-
-  config = mkIf cfg.enable {
-    environment.systemPackages = with pkgs; [ easytag dconf ];
-  };
-}
-

nixos/modules/programs/elm.nix

@@ -1,25 +0,0 @@
-{ config, pkgs, lib, ... }:
-
-with lib;
-
-let
-
-  cfg = config.programs.custom.elm;
-
-in
-{
-
-  options.programs.custom.elm.enable = mkEnableOption "enable elm stack";
-
-  config = mkIf cfg.enable {
-    environment.systemPackages = with pkgs; [
-      elmPackages.elm
-      elmPackages.elm-compiler
-      elmPackages.elm-format
-      elmPackages.elm-make
-      elmPackages.elm-reactor
-      elm-github-install
-    ];
-  };
-}
-

nixos/modules/programs/ffmpeg.nix

@@ -1,161 +0,0 @@
-{ config, lib, pkgs, ... }:
-with lib;
-let
-
-  cfg = config.programs.custom.ffmpeg;
-
-  ffmpegTemplate = name:
-    { profile
-    , preset
-    , tune ? null
-    , width ? 1280
-    , height ? 720
-    , resolution ? "720p"
-    }:
-    pkgs.writeShellScriptBin "ffmpeg-${name}" ''
-
-      if [ $# -eq 0 ]
-      then
-        cat <<EOF
-      ffmpeg-<profile>-<preset>-<tunes>-${resolution} <input> <output>
-
-      profiles =
-        "baseline" - Primarily for low-cost applications that require additional data loss robustness
-        "main"     - This profile is used for standard-definition digital TV broadcasts that use the MPEG-4 format as defined in the DVB standard.
-        "high"     - The primary profile for broadcast and disc storage applications, particularly for high-definition television applications
-
-      presets =
-        "ultrafast"
-        "superfast"
-        "veryfast"
-        "faster"
-        "fast"
-        "medium"
-        "slow"
-        "slower"
-        "veryslow"
-
-      tunes = (optional)
-        "film"       - use for high quality movie content; lowers deblockin
-        "animation"  - good for cartoons; uses higher deblocking and more reference frames
-        "grain"      - preserves the grain structure in old, grainy film material
-        "stillimage" - good for slideshow-like content
-        "fastdecode" - allows faster decoding by disabling certain filters
-
-      EOF
-        exit 0
-      fi
-
-      if [ $# -ne 2 ]
-      then
-        echo "ffmpeg-${name} <input> <output>"
-        exit 1
-      fi
-
-      input=$1
-      output=$2
-
-      if [ ! -f "$input" ]
-      then
-        echo "input does not exist $input"
-        exit 1
-      fi
-
-      # do it stereo
-      # -ac 2
-      # do it sample rate 44100
-      # -ar 44100
-
-      exec ${pkgs.ffmpeg}/bin/ffmpeg \
-        -i "$input" \
-        -filter:v scale=h='min(${toString height}\,ih)':w='min(${
-          toString width
-        }\,iw)' \
-        -vcodec libx264 \
-        -preset ${preset} \
-        -profile:v ${profile} \
-        ${optionalString (tune != null) "-tune ${tune}"} \
-        -acodec aac \
-        -ac 2 \
-        -ar 44100 \
-        "$output" \
-        -hide_banner
-    '';
-
-  # https://en.wikipedia.org/wiki/H.264/MPEG-4_AVC#Profiles
-  profiles = [
-    "baseline"
-    "main"
-    "high"
-    #"high10"
-    #"high422"
-    #"high44"
-  ];
-  presets = [
-    #"ultrafast"
-    #"superfast"
-    #"veryfast"
-    #"faster"
-    "fast"
-    "medium"
-    "slow"
-    #"slower"
-    "veryslow"
-  ];
-  tunes = [ "film" "animation" "grain" "stillimage" "fastdecode" ];
-
-  ffmpegs =
-    let
-
-      configurations = lib.cartesianProductOfSets {
-        profile = profiles;
-        preset = presets;
-      };
-
-      p720 = { profile, preset }:
-        ffmpegTemplate "${profile}-${preset}-720p" { inherit profile preset; };
-
-      p1080 = { profile, preset }:
-        ffmpegTemplate "${profile}-${preset}-1080p" {
-          inherit profile preset;
-          height = 1080;
-          width = 1920;
-          resolution = "1080p";
-        };
-    in
-    (map p720 configurations) ++ (map p1080 configurations);
-
-  ffmpegsTune =
-    let
-      configurations = lib.cartesianProductOfSets {
-        profile = profiles;
-        preset = presets;
-        tune = tunes;
-      };
-
-      p720 = { profile, preset, tune }:
-        ffmpegTemplate "${profile}-${preset}-${tune}-720p" {
-          inherit profile preset tune;
-        };
-
-      p1080 = { profile, preset, tune }:
-        ffmpegTemplate "${profile}-${preset}-${tune}-1080p" {
-          inherit profile preset tune;
-          height = 1080;
-          width = 1920;
-          resolution = "1080p";
-        };
-
-    in
-    (map p720 configurations) ++ (map p1080 configurations);
-
-in
-{
-
-  options.programs.custom.ffmpeg = {
-    enable = mkEnableOption "enable programs.custom.ffmpeg";
-  };
-
-  config =
-    mkIf cfg.enable { environment.systemPackages = ffmpegs ++ ffmpegsTune; };
-}

nixos/modules/programs/slack.nix

@@ -1,127 +0,0 @@
-{ config, lib, pkgs, ... }:
-
-with lib;
-
-let
-
-  # name of the program
-  # -------------------
-  program = "slack";
-
-  tarBin = "${pkgs.gnutar}/bin/tar";
-
-  # command that will be jailed
-  # ---------------------------
-  command = "${pkgs.slack}/bin/slack";
-
-  desktopFile =
-    let
-      name = program;
-      comment = "Chat Programm";
-    in
-    pkgs.writeTextFile {
-      name = "${name}.desktop";
-      destination = "/share/applications/${name}.desktop";
-      text = ''
-        [Desktop Entry]
-        Categories=Application;Utility;
-        Comment=${comment}
-        Encoding=UTF-8
-        Exec=${bin}/bin/${name}
-        Icon=gnome-lockscreen
-        Name=${name}
-        Terminal=false
-        Type=Application
-      '';
-    };
-
-  # the script
-  # ----------
-  bin =
-    let
-      backupFile = "${cfg.homeBackup}.tar.lzma";
-      rolloutFile = "${cfg.home}.tar.lzma";
-      lockFile = "${cfg.home}-lock";
-    in
-    pkgs.writeShellScriptBin "${program}" ''
-      # set -x
-      if [[ ! -e ${lockFile} ]]
-      then
-        # rollout backup
-        if [[ -e ${backupFile} ]]
-        then
-          cp ${backupFile} ${rolloutFile}
-          sudo -u ${program} ${tarBin} xf ${rolloutFile} --directory ${cfg.home}
-          rm ${rolloutFile}
-          touch ${lockFile}
-        fi
-      fi
-
-      sudo -u ${program} ${command}
-    '';
-
-  backupScript = pkgs.writeShellScriptBin "${program}-backup" ''
-    sudo -u ${program} \
-      ${tarBin} \
-      --exclude=.cache \
-      --exclude=".config/**/*Cache*" \
-      --exclude-cache-all \
-      --exclude=Downloads \
-      --create \
-      --verbos \
-      --lzma \
-      --file ${cfg.home}.tar.lzma \
-      --directory ${cfg.home} \
-      .
-
-    cp ${cfg.home}.tar.lzma ${cfg.homeBackup}.tar.lzma
-  '';
-
-  cfg = config.programs.custom.slack;
-
-in
-{
-
-  options.programs.custom.slack = {
-    enable = mkEnableOption "install slack";
-
-    homeBackup = mkOption {
-      type = with types; nullOr string;
-      description = ''
-        folder where to backup
-      '';
-    };
-
-    # todo : make sure the folder /home/sudoers belongs to mainUser
-    home = mkOption {
-      type = with types; string;
-      default = "/home/sudoers/slack";
-      description = ''
-        home folder of this
-      '';
-    };
-
-  };
-
-  config = mkIf cfg.enable {
-
-    security.sudo.extraConfig = ''
-      ${config.users.users.mainUser.name} ALL=(${program}) NOPASSWD: ALL
-    '';
-
-    # create users
-    users.users."${program}" = {
-      home = cfg.home;
-      createHome = true;
-      # initialPassword = "${program}";
-      shell = pkgs.bashInteractive;
-      isNormalUser = true;
-      group = "users";
-      # enable video usage
-      extraGroups = [ "video" "audio" "pipewire" ];
-    };
-
-    environment.systemPackages = [ bin backupScript desktopFile ];
-  };
-}
-

nixos/modules/programs/taskwarrior.nix

@@ -1,90 +0,0 @@
-{ config, pkgs, lib, ... }:
-
-with lib;
-
-let
-
-  cfg = config.programs.custom.taskwarrior;
-
-  taskNextWeek = pkgs.writeShellScriptBin "taskweek" # sh
-    ''
-      ${pkgs.taskwarrior}/bin/task \
-                          export \
-                          status:pending and \( due.before:6days \) \
-          | ${pkgs.jq}/bin/jq '[.[] | { Day: .due, ID: .id, Description: .description } ] | sort_by(.Day)' \
-          | ${pkgs.miller}/bin/mlr --ijson --opprint put "\$Day = strftime(strptime(\$Day,\"%Y%m%dT%H%M%SZ\")$(date +%z)00,\"%A\")"
-    '';
-
-  tsak = pkgs.writeShellScriptBin "tsak" # sh
-    ''
-      ${pkgs.taskwarrior}/bin/task "$@"
-    '';
-  taskwarrior-tui = pkgs.unstable.taskwarrior-tui;
-
-  #vit = pkgs.unstable.vit.overrideAttrs (old: rec {
-  #  name = "vit-${version}";
-  #  version = "master";
-  #  src = pkgs.fetchgit {
-  #    url = "https://github.com/scottkosty/vit.git";
-  #    #rev = "7200949214362139e8073b6ca1a58cc756b2ebd0";
-  #    #sha256 = "1s0rvqn8xjy3qiw9034wfzz2r7mwary70x32fqprz2w2h5r73j2m";
-  #    rev = "cfe5975bd054fe8ffe79527a1af6356528b60c63";
-  #    sha256 = "12fjx91l7cxxan3pg0xqmizpabp5g482vxqq5f3r8b6dw70l15hk";
-  #  };
-  #});
-  vit = pkgs.unstable.vit;
-
-in
-{
-
-  options.programs.custom.taskwarrior.enable =
-    mkEnableOption "Enable Taskwarrior services";
-
-  config = mkIf cfg.enable {
-
-    environment.systemPackages = with pkgs; [
-
-      taskwarrior-tui
-      taskwarrior
-      timewarrior
-      tasksh
-      taskNextWeek
-      tsak
-
-      (pkgs.writers.writeBashBin "calendar" ''
-        ${pkgs.taskwarrior}/bin/task calendar
-        ${pkgs.taskwarrior}/bin/task calendar_report
-      '')
-
-      vit
-      (pkgs.writers.writeBashBin "active" "${vit}/bin/vit active")
-      (pkgs.writers.writeBashBin "todo" "${vit}/bin/vit todo")
-
-      taskwarrior-hooks
-      vdirsyncer
-      khal
-      (pkgs.writers.writeBashBin "kalendar" ''
-        ${pkgs.vdirsyncer}/bin/vdirsyncer sync
-        ${pkgs.khal}/bin/ikhal
-      '')
-
-      #unstable.python3Packages.bugwarrior
-      python3Packages.bugwarrior
-
-      # bugwarrior
-      #(let
-      #  mypython = let
-      #    packageOverrides = self: super: {
-      #      bugwarrior = super.bugwarrior.overridePythonAttrs (old: {
-      #        propagatedBuildInputs = old.propagatedBuildInputs
-      #          ++ [ super.setuptools ];
-      #      });
-      #    };
-      #  in pkgs.python3.override { inherit packageOverrides; };
-      #in mypython.pkgs.bugwarrior)
-
-    ];
-
-  };
-
-}

nixos/system/desktop/default.nix

@@ -34,9 +34,7 @@
     };
 
     shellTools.enable = true;
-    taskwarrior.enable = true;
     curlScripts.enable = true;
-    git.enable = true;
     citate.enable = true;
     vim.enable = true;
 

nixos/system/desktop/packages.nix

@@ -137,9 +137,6 @@ let
 in
 {
 
-  # ffmpeg scripts to encode movies
-  programs.custom.ffmpeg.enable = true;
-
   # gnupg setup
   programs.gnupg.agent.enable = true;
   programs.gnupg.agent.enableSSHSupport = true;
@@ -222,7 +219,7 @@ in
       cups
       xfe # filemanager
       evince
-      sxiv
+      nsxiv
       (library.desktopFile sxiv {
         longName = "Image Viewer";
         command = "sxiv";