Compare commits
No commits in common. "7a6510a4e65d6c3b5e0bc788e2f340612d288872" and "2bc86a4912a72188f1c1d9535d799570c6676155" have entirely different histories.
7a6510a4e6
...
2bc86a4912
200 changed files with 2080 additions and 3450 deletions
|
@ -1,15 +1,18 @@
|
||||||
name: Build all NixOS Configurations
|
name: Build all NixOS Configurations
|
||||||
|
|
||||||
on:
|
on:
|
||||||
push:
|
push:
|
||||||
branches:
|
branches:
|
||||||
- "**"
|
- "**"
|
||||||
schedule:
|
schedule:
|
||||||
- cron: "30 2/6 * * *" # not to frequent, GitHub only allows a few pulls per hour
|
- cron: "30 2/6 * * *" # not to frequent, GitHub only allows a few pulls per hour
|
||||||
|
|
||||||
jobs:
|
jobs:
|
||||||
nix build:
|
nix build:
|
||||||
runs-on: native
|
runs-on: native
|
||||||
steps:
|
steps:
|
||||||
- uses: actions/checkout@v4
|
- uses: actions/checkout@v4
|
||||||
|
|
||||||
- name: update nix flakes
|
- name: update nix flakes
|
||||||
if: ${{ github.event_name == 'schedule' }}
|
if: ${{ github.event_name == 'schedule' }}
|
||||||
# we need to use our ssh key here because we need access to private flakes
|
# we need to use our ssh key here because we need access to private flakes
|
||||||
|
@ -27,6 +30,7 @@ jobs:
|
||||||
echo $SSH_AGENT_PID
|
echo $SSH_AGENT_PID
|
||||||
kill $SSH_AGENT_PID
|
kill $SSH_AGENT_PID
|
||||||
rm .ssh_key
|
rm .ssh_key
|
||||||
|
|
||||||
- name: nix flake archive/check
|
- name: nix flake archive/check
|
||||||
# we need to use our ssh key here because we need access to private flakes
|
# we need to use our ssh key here because we need access to private flakes
|
||||||
run: |
|
run: |
|
||||||
|
@ -44,16 +48,22 @@ jobs:
|
||||||
echo $SSH_AGENT_PID
|
echo $SSH_AGENT_PID
|
||||||
kill $SSH_AGENT_PID
|
kill $SSH_AGENT_PID
|
||||||
rm .ssh_key
|
rm .ssh_key
|
||||||
|
|
||||||
- name: nix build orbi
|
- name: nix build orbi
|
||||||
run: nix build .#nixosConfigurations.orbi.config.system.build.toplevel
|
run: nix build .#nixosConfigurations.orbi.config.system.build.toplevel
|
||||||
|
|
||||||
- name: nix build cream
|
- name: nix build cream
|
||||||
run: nix build .#nixosConfigurations.cream.config.system.build.toplevel
|
run: nix build .#nixosConfigurations.cream.config.system.build.toplevel
|
||||||
|
|
||||||
- name: nix build cherry
|
- name: nix build cherry
|
||||||
run: nix build .#nixosConfigurations.cherry.config.system.build.toplevel
|
run: nix build .#nixosConfigurations.cherry.config.system.build.toplevel
|
||||||
|
|
||||||
- name: nix build chungus
|
- name: nix build chungus
|
||||||
run: nix build .#nixosConfigurations.chungus.config.system.build.toplevel
|
run: nix build .#nixosConfigurations.chungus.config.system.build.toplevel
|
||||||
|
|
||||||
- name: nix build usbstick
|
- name: nix build usbstick
|
||||||
run: nix build .#nixosConfigurations.usbstick.config.system.build.toplevel
|
run: nix build .#nixosConfigurations.usbstick.config.system.build.toplevel
|
||||||
|
|
||||||
- name: commit & push
|
- name: commit & push
|
||||||
if: ${{ github.event_name == 'schedule' }}
|
if: ${{ github.event_name == 'schedule' }}
|
||||||
# only if all nix builds are fine we update our branch
|
# only if all nix builds are fine we update our branch
|
||||||
|
|
|
@ -1,9 +1,4 @@
|
||||||
{
|
{ config, lib, pkgs, ... }:
|
||||||
config,
|
|
||||||
lib,
|
|
||||||
pkgs,
|
|
||||||
...
|
|
||||||
}:
|
|
||||||
with lib;
|
with lib;
|
||||||
{
|
{
|
||||||
|
|
||||||
|
|
|
@ -14,4 +14,5 @@
|
||||||
./yubikey.nix
|
./yubikey.nix
|
||||||
];
|
];
|
||||||
|
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,10 +1,5 @@
|
||||||
# TODO test `alsactl init` after suspend to reinit mic
|
# TODO test `alsactl init` after suspend to reinit mic
|
||||||
{
|
{ pkgs, config, lib, ... }:
|
||||||
pkgs,
|
|
||||||
config,
|
|
||||||
lib,
|
|
||||||
...
|
|
||||||
}:
|
|
||||||
with lib;
|
with lib;
|
||||||
{
|
{
|
||||||
options.components.gui.audio.enable = mkOption {
|
options.components.gui.audio.enable = mkOption {
|
||||||
|
|
|
@ -1,9 +1,4 @@
|
||||||
{
|
{ pkgs, lib, config, ... }:
|
||||||
pkgs,
|
|
||||||
lib,
|
|
||||||
config,
|
|
||||||
...
|
|
||||||
}:
|
|
||||||
with lib;
|
with lib;
|
||||||
{
|
{
|
||||||
options.components.gui = {
|
options.components.gui = {
|
||||||
|
|
|
@ -1,9 +1,4 @@
|
||||||
{
|
{ pkgs, lib, config, ... }:
|
||||||
pkgs,
|
|
||||||
lib,
|
|
||||||
config,
|
|
||||||
...
|
|
||||||
}:
|
|
||||||
with lib;
|
with lib;
|
||||||
{
|
{
|
||||||
|
|
||||||
|
|
|
@ -1,9 +1,4 @@
|
||||||
{
|
{ config, pkgs, lib, ... }:
|
||||||
config,
|
|
||||||
pkgs,
|
|
||||||
lib,
|
|
||||||
...
|
|
||||||
}:
|
|
||||||
{
|
{
|
||||||
|
|
||||||
options.components.gui.kmonad.enable = lib.mkOption {
|
options.components.gui.kmonad.enable = lib.mkOption {
|
||||||
|
@ -84,21 +79,9 @@
|
||||||
|
|
||||||
in
|
in
|
||||||
{
|
{
|
||||||
nativ = keyboard "/dev/input/by-path/platform-i8042-serio-0-event-kbd" [
|
nativ = keyboard "/dev/input/by-path/platform-i8042-serio-0-event-kbd" [ "lctl" "lmet" "lalt" ];
|
||||||
"lctl"
|
dasKeyboard = keyboard "/dev/input/by-id/usb-Metadot_-_Das_Keyboard_Das_Keyboard-event-kbd" [ "lctl" "lmet" "lalt" ];
|
||||||
"lmet"
|
uhk = keyboard "/dev/input/by-id/usb-Ultimate_Gadget_Laboratories_UHK_60_v2-event-kbd" [ "lctl" "lmet" "lalt" ];
|
||||||
"lalt"
|
|
||||||
];
|
|
||||||
dasKeyboard = keyboard "/dev/input/by-id/usb-Metadot_-_Das_Keyboard_Das_Keyboard-event-kbd" [
|
|
||||||
"lctl"
|
|
||||||
"lmet"
|
|
||||||
"lalt"
|
|
||||||
];
|
|
||||||
uhk = keyboard "/dev/input/by-id/usb-Ultimate_Gadget_Laboratories_UHK_60_v2-event-kbd" [
|
|
||||||
"lctl"
|
|
||||||
"lmet"
|
|
||||||
"lalt"
|
|
||||||
];
|
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
|
@ -1,11 +1,6 @@
|
||||||
# notify me when a command is finished
|
# notify me when a command is finished
|
||||||
# todo : secret managment is shit
|
# todo : secret managment is shit
|
||||||
{
|
{ config, pkgs, lib, ... }:
|
||||||
config,
|
|
||||||
pkgs,
|
|
||||||
lib,
|
|
||||||
...
|
|
||||||
}:
|
|
||||||
with lib;
|
with lib;
|
||||||
{
|
{
|
||||||
options.components.gui.noti.enable = mkOption {
|
options.components.gui.noti.enable = mkOption {
|
||||||
|
|
|
@ -1,17 +1,11 @@
|
||||||
{
|
{ pkgs, config, lib, ... }:
|
||||||
pkgs,
|
|
||||||
config,
|
|
||||||
lib,
|
|
||||||
...
|
|
||||||
}:
|
|
||||||
with lib;
|
with lib;
|
||||||
let
|
let
|
||||||
|
|
||||||
# desktop file
|
# desktop file
|
||||||
# ------------
|
# ------------
|
||||||
# makes it possible to be used by other programs
|
# makes it possible to be used by other programs
|
||||||
desktopFile =
|
desktopFile = name: bin:
|
||||||
name: bin:
|
|
||||||
pkgs.writeTextFile {
|
pkgs.writeTextFile {
|
||||||
name = "${name}.desktop";
|
name = "${name}.desktop";
|
||||||
destination = "/share/applications/${name}.desktop";
|
destination = "/share/applications/${name}.desktop";
|
||||||
|
@ -40,9 +34,7 @@ in
|
||||||
environment.systemPackages = [
|
environment.systemPackages = [
|
||||||
(pkgs.pass.withExtensions (ext: [ ext.pass-otp ]))
|
(pkgs.pass.withExtensions (ext: [ ext.pass-otp ]))
|
||||||
# todo : use upstream desktop file creator
|
# todo : use upstream desktop file creator
|
||||||
(desktopFile "passmenu" "${
|
(desktopFile "passmenu" "${pkgs.pass.withExtensions (ext: [ext.pass-otp])}/bin/passmenu --type -l 10")
|
||||||
pkgs.pass.withExtensions (ext: [ ext.pass-otp ])
|
|
||||||
}/bin/passmenu --type -l 10")
|
|
||||||
|
|
||||||
pkgs.otpmenu
|
pkgs.otpmenu
|
||||||
|
|
||||||
|
|
|
@ -1,9 +1,4 @@
|
||||||
{
|
{ config, pkgs, lib, ... }:
|
||||||
config,
|
|
||||||
pkgs,
|
|
||||||
lib,
|
|
||||||
...
|
|
||||||
}:
|
|
||||||
with lib;
|
with lib;
|
||||||
{
|
{
|
||||||
options.components.gui.steam.enable = mkOption {
|
options.components.gui.steam.enable = mkOption {
|
||||||
|
@ -27,12 +22,7 @@ with lib;
|
||||||
isSystemUser = true;
|
isSystemUser = true;
|
||||||
home = "/home/steam";
|
home = "/home/steam";
|
||||||
createHome = true;
|
createHome = true;
|
||||||
extraGroups = [
|
extraGroups = [ "audio" "input" "video" "pipewire" ];
|
||||||
"audio"
|
|
||||||
"input"
|
|
||||||
"video"
|
|
||||||
"pipewire"
|
|
||||||
];
|
|
||||||
group = "steam";
|
group = "steam";
|
||||||
shell = pkgs.bashInteractive;
|
shell = pkgs.bashInteractive;
|
||||||
};
|
};
|
||||||
|
|
|
@ -1,9 +1,4 @@
|
||||||
{
|
{ pkgs, config, lib, ... }:
|
||||||
pkgs,
|
|
||||||
config,
|
|
||||||
lib,
|
|
||||||
...
|
|
||||||
}:
|
|
||||||
with lib;
|
with lib;
|
||||||
{
|
{
|
||||||
options.components.gui.suspend.enable = mkOption {
|
options.components.gui.suspend.enable = mkOption {
|
||||||
|
@ -18,11 +13,13 @@ with lib;
|
||||||
requiredBy = [ "sleep.target" ];
|
requiredBy = [ "sleep.target" ];
|
||||||
environment =
|
environment =
|
||||||
let
|
let
|
||||||
display = if (config.services.xserver.display != null) then config.services.xserver.display else 0;
|
display =
|
||||||
|
if (config.services.xserver.display != null) then
|
||||||
|
config.services.xserver.display
|
||||||
|
else
|
||||||
|
0;
|
||||||
in
|
in
|
||||||
{
|
{ DISPLAY = ":${toString display}"; };
|
||||||
DISPLAY = ":${toString display}";
|
|
||||||
};
|
|
||||||
script = ''
|
script = ''
|
||||||
${pkgs.xlockmore}/bin/xlock -mode life1d -size 1 &
|
${pkgs.xlockmore}/bin/xlock -mode life1d -size 1 &
|
||||||
sleep 1
|
sleep 1
|
||||||
|
|
|
@ -1,9 +1,4 @@
|
||||||
{
|
{ config, pkgs, lib, ... }:
|
||||||
config,
|
|
||||||
pkgs,
|
|
||||||
lib,
|
|
||||||
...
|
|
||||||
}:
|
|
||||||
with lib;
|
with lib;
|
||||||
{
|
{
|
||||||
options.components.gui.vscode.enable = mkOption {
|
options.components.gui.vscode.enable = mkOption {
|
||||||
|
|
|
@ -1,9 +1,4 @@
|
||||||
{
|
{ config, pkgs, lib, ... }:
|
||||||
config,
|
|
||||||
pkgs,
|
|
||||||
lib,
|
|
||||||
...
|
|
||||||
}:
|
|
||||||
with lib;
|
with lib;
|
||||||
{
|
{
|
||||||
|
|
||||||
|
|
|
@ -1,9 +1,4 @@
|
||||||
{
|
{ config, pkgs, lib, ... }:
|
||||||
config,
|
|
||||||
pkgs,
|
|
||||||
lib,
|
|
||||||
...
|
|
||||||
}:
|
|
||||||
with lib;
|
with lib;
|
||||||
{
|
{
|
||||||
|
|
||||||
|
@ -83,3 +78,4 @@ with lib;
|
||||||
|
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -1,9 +1,4 @@
|
||||||
{
|
{ lib, pkgs, config, ... }:
|
||||||
lib,
|
|
||||||
pkgs,
|
|
||||||
config,
|
|
||||||
...
|
|
||||||
}:
|
|
||||||
with lib;
|
with lib;
|
||||||
let
|
let
|
||||||
|
|
||||||
|
|
|
@ -1,9 +1,4 @@
|
||||||
{
|
{ config, pkgs, lib, ... }:
|
||||||
config,
|
|
||||||
pkgs,
|
|
||||||
lib,
|
|
||||||
...
|
|
||||||
}:
|
|
||||||
with lib;
|
with lib;
|
||||||
with types;
|
with types;
|
||||||
let
|
let
|
||||||
|
@ -11,10 +6,15 @@ let
|
||||||
cfg = config.components.mainUser;
|
cfg = config.components.mainUser;
|
||||||
|
|
||||||
# todo : use optionalList
|
# todo : use optionalList
|
||||||
dockerGroup = if (config.virtualisation.docker.enable) then [ "docker" ] else [ ];
|
dockerGroup =
|
||||||
|
if (config.virtualisation.docker.enable) then [ "docker" ] else [ ];
|
||||||
|
|
||||||
# todo : use optionalList
|
# todo : use optionalList
|
||||||
vboxGroup = if (config.virtualisation.virtualbox.host.enable) then [ "vboxusers" ] else [ ];
|
vboxGroup =
|
||||||
|
if (config.virtualisation.virtualbox.host.enable) then
|
||||||
|
[ "vboxusers" ]
|
||||||
|
else
|
||||||
|
[ ];
|
||||||
|
|
||||||
in
|
in
|
||||||
{
|
{
|
||||||
|
@ -73,16 +73,8 @@ in
|
||||||
uid = cfg.uid;
|
uid = cfg.uid;
|
||||||
home = "/home/${cfg.userName}";
|
home = "/home/${cfg.userName}";
|
||||||
initialPassword = cfg.userName;
|
initialPassword = cfg.userName;
|
||||||
extraGroups = [
|
extraGroups = [ "wheel" "networkmanager" "transmission" "wireshark" "audio" "pipewire" "input" "dialout" ]
|
||||||
"wheel"
|
++ dockerGroup ++ vboxGroup ++ cfg.extraGroups;
|
||||||
"networkmanager"
|
|
||||||
"transmission"
|
|
||||||
"wireshark"
|
|
||||||
"audio"
|
|
||||||
"pipewire"
|
|
||||||
"input"
|
|
||||||
"dialout"
|
|
||||||
] ++ dockerGroup ++ vboxGroup ++ cfg.extraGroups;
|
|
||||||
openssh.authorizedKeys.keyFiles = cfg.authorizedKeyFiles;
|
openssh.authorizedKeys.keyFiles = cfg.authorizedKeyFiles;
|
||||||
group = config.users.groups.mainUser.name;
|
group = config.users.groups.mainUser.name;
|
||||||
};
|
};
|
||||||
|
|
|
@ -4,12 +4,7 @@
|
||||||
# * connect via mixxx to it.
|
# * connect via mixxx to it.
|
||||||
# * add the podcast to mpd in the same network
|
# * add the podcast to mpd in the same network
|
||||||
# --------------------------------------------------
|
# --------------------------------------------------
|
||||||
{
|
{ pkgs, config, lib, ... }:
|
||||||
pkgs,
|
|
||||||
config,
|
|
||||||
lib,
|
|
||||||
...
|
|
||||||
}:
|
|
||||||
with lib;
|
with lib;
|
||||||
|
|
||||||
let
|
let
|
||||||
|
|
|
@ -1,9 +1,4 @@
|
||||||
{
|
{ pkgs, config, lib, ... }:
|
||||||
pkgs,
|
|
||||||
config,
|
|
||||||
lib,
|
|
||||||
...
|
|
||||||
}:
|
|
||||||
with lib;
|
with lib;
|
||||||
{
|
{
|
||||||
|
|
||||||
|
|
|
@ -1,34 +1,30 @@
|
||||||
{
|
{ config, pkgs, lib, ... }:
|
||||||
config,
|
|
||||||
pkgs,
|
|
||||||
lib,
|
|
||||||
...
|
|
||||||
}:
|
|
||||||
|
|
||||||
with lib;
|
with lib;
|
||||||
|
|
||||||
let
|
let
|
||||||
obs-cmd = pkgs.rustPlatform.buildRustPackage rec {
|
obs-cmd = pkgs.rustPlatform.buildRustPackage
|
||||||
pname = "obs-cmd";
|
rec {
|
||||||
version = "v0.15.2";
|
pname = "obs-cmd";
|
||||||
src = pkgs.fetchFromGitHub {
|
version = "v0.15.2";
|
||||||
owner = "grigio";
|
src = pkgs.fetchFromGitHub {
|
||||||
repo = "obs-cmd";
|
owner = "grigio";
|
||||||
rev = version;
|
repo = "obs-cmd";
|
||||||
sha256 = "sha256-RRkP0QLWcJLKv8oqESjMgHGW1QScANG7+fzR/rwSyDI=";
|
rev = version;
|
||||||
};
|
sha256 = "sha256-RRkP0QLWcJLKv8oqESjMgHGW1QScANG7+fzR/rwSyDI=";
|
||||||
|
};
|
||||||
|
|
||||||
cargoSha256 = "sha256-JqR7MAt2VNEnZGbn+hExtFG6F7X0KhFM1n7GZ+QaHc0=";
|
cargoSha256 = "sha256-JqR7MAt2VNEnZGbn+hExtFG6F7X0KhFM1n7GZ+QaHc0=";
|
||||||
#cargoSha256 = fakeSha256;
|
#cargoSha256 = fakeSha256;
|
||||||
|
|
||||||
meta = with lib; {
|
meta = with lib; {
|
||||||
description = "a minimal obs CLI for obs-websocket v5";
|
description = "a minimal obs CLI for obs-websocket v5";
|
||||||
homepage = "https://github.com/grigio/obs-cmd";
|
homepage = "https://github.com/grigio/obs-cmd";
|
||||||
license = licenses.mit;
|
license = licenses.mit;
|
||||||
maintainers = [ maintainers.mrVanDalo ];
|
maintainers = [ maintainers.mrVanDalo ];
|
||||||
platforms = platforms.all;
|
platforms = platforms.all;
|
||||||
|
};
|
||||||
};
|
};
|
||||||
};
|
|
||||||
|
|
||||||
# Lassulus streaming setup
|
# Lassulus streaming setup
|
||||||
# -------------------------
|
# -------------------------
|
||||||
|
@ -57,12 +53,7 @@ let
|
||||||
name = "screen-keys";
|
name = "screen-keys";
|
||||||
paths =
|
paths =
|
||||||
let
|
let
|
||||||
screenKeyScript =
|
screenKeyScript = { position ? "bottom", size ? "small", ... }:
|
||||||
{
|
|
||||||
position ? "bottom",
|
|
||||||
size ? "small",
|
|
||||||
...
|
|
||||||
}:
|
|
||||||
pkgs.writeShellScriptBin "screenkeys-${position}-${size}" # sh
|
pkgs.writeShellScriptBin "screenkeys-${position}-${size}" # sh
|
||||||
''
|
''
|
||||||
${pkgs.screenkey}/bin/screenkey \
|
${pkgs.screenkey}/bin/screenkey \
|
||||||
|
@ -74,41 +65,27 @@ let
|
||||||
"$@"
|
"$@"
|
||||||
'';
|
'';
|
||||||
in
|
in
|
||||||
lib.flatten (
|
lib.flatten (lib.flip map [ "large" "small" "medium" ] (size:
|
||||||
lib.flip map
|
lib.flip map [ "top" "center" "bottom" ]
|
||||||
[
|
(position: screenKeyScript { inherit size position; })));
|
||||||
"large"
|
|
||||||
"small"
|
|
||||||
"medium"
|
|
||||||
]
|
|
||||||
(
|
|
||||||
size:
|
|
||||||
lib.flip map [
|
|
||||||
"top"
|
|
||||||
"center"
|
|
||||||
"bottom"
|
|
||||||
] (position: screenKeyScript { inherit size position; })
|
|
||||||
)
|
|
||||||
);
|
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
||||||
mpvReview =
|
mpvReview =
|
||||||
let
|
let
|
||||||
moveToDir =
|
moveToDir = key: dir: pkgs.writeText "move-with-${key}.lua" ''
|
||||||
key: dir:
|
tmp_dir = "${dir}"
|
||||||
pkgs.writeText "move-with-${key}.lua" ''
|
|
||||||
tmp_dir = "${dir}"
|
|
||||||
|
|
||||||
function move_current_track_${key}()
|
function move_current_track_${key}()
|
||||||
track = mp.get_property("path")
|
track = mp.get_property("path")
|
||||||
os.execute("mkdir -p '" .. tmp_dir .. "'")
|
os.execute("mkdir -p '" .. tmp_dir .. "'")
|
||||||
os.execute("mv '" .. track .. "' '" .. tmp_dir .. "'")
|
os.execute("mv '" .. track .. "' '" .. tmp_dir .. "'")
|
||||||
print("moved '" .. track .. "' to " .. tmp_dir)
|
print("moved '" .. track .. "' to " .. tmp_dir)
|
||||||
mp.command("playlist-next")
|
mp.command("playlist-next")
|
||||||
end
|
end
|
||||||
|
|
||||||
mp.add_key_binding("${key}", "move_current_track_${key}", move_current_track_${key})
|
mp.add_key_binding("${key}", "move_current_track_${key}", move_current_track_${key})
|
||||||
'';
|
'';
|
||||||
delete = moveToDir "D" "./.graveyard";
|
delete = moveToDir "D" "./.graveyard";
|
||||||
good = moveToDir "G" "./.good";
|
good = moveToDir "G" "./.good";
|
||||||
in
|
in
|
||||||
|
@ -133,6 +110,7 @@ in
|
||||||
|
|
||||||
config = mkIf (config.components.media.video.enable) {
|
config = mkIf (config.components.media.video.enable) {
|
||||||
|
|
||||||
|
|
||||||
home-manager.sharedModules = [
|
home-manager.sharedModules = [
|
||||||
{
|
{
|
||||||
programs.obs-studio = {
|
programs.obs-studio = {
|
||||||
|
@ -145,6 +123,7 @@ in
|
||||||
}
|
}
|
||||||
];
|
];
|
||||||
|
|
||||||
|
|
||||||
boot.kernelModules = [ "v4l2loopback" ];
|
boot.kernelModules = [ "v4l2loopback" ];
|
||||||
boot.extraModulePackages = [ pkgs.linuxPackages.v4l2loopback ];
|
boot.extraModulePackages = [ pkgs.linuxPackages.v4l2loopback ];
|
||||||
|
|
||||||
|
@ -158,6 +137,7 @@ in
|
||||||
alphaSafe
|
alphaSafe
|
||||||
sanitizeFolder
|
sanitizeFolder
|
||||||
|
|
||||||
|
|
||||||
# obs studio stuff
|
# obs studio stuff
|
||||||
obs-cli
|
obs-cli
|
||||||
v4l-utils
|
v4l-utils
|
||||||
|
@ -174,6 +154,8 @@ in
|
||||||
handbrake
|
handbrake
|
||||||
ffmpeg-full
|
ffmpeg-full
|
||||||
|
|
||||||
|
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -33,7 +33,7 @@ in
|
||||||
services.promtail = {
|
services.promtail = {
|
||||||
enable = true;
|
enable = true;
|
||||||
configuration = {
|
configuration = {
|
||||||
server.disable = true;
|
server. disable = true;
|
||||||
positions.filename = "/var/cache/promtail/positions.yaml";
|
positions.filename = "/var/cache/promtail/positions.yaml";
|
||||||
|
|
||||||
clients = [
|
clients = [
|
||||||
|
@ -49,15 +49,7 @@ in
|
||||||
_end = ''{{ end }}'';
|
_end = ''{{ end }}'';
|
||||||
elseblock = index: replacement: "${_elseif index}${_replace index replacement}";
|
elseblock = index: replacement: "${_elseif index}${_replace index replacement}";
|
||||||
ifblock = index: replacement: "${_if index}${_replace index replacement}";
|
ifblock = index: replacement: "${_if index}${_replace index replacement}";
|
||||||
createTemplateLine =
|
createTemplateLine = list: "${concatStrings (imap0 (index: replacement: if index == 0 then ifblock index replacement else elseblock index replacement) list)}${_end}";
|
||||||
list:
|
|
||||||
"${
|
|
||||||
concatStrings (
|
|
||||||
imap0 (
|
|
||||||
index: replacement: if index == 0 then ifblock index replacement else elseblock index replacement
|
|
||||||
) list
|
|
||||||
)
|
|
||||||
}${_end}";
|
|
||||||
in
|
in
|
||||||
[
|
[
|
||||||
{
|
{
|
||||||
|
@ -125,35 +117,36 @@ in
|
||||||
}
|
}
|
||||||
{
|
{
|
||||||
# Map facility to human readable
|
# Map facility to human readable
|
||||||
template = {
|
template =
|
||||||
source = "facility_label";
|
{
|
||||||
template = createTemplateLine [
|
source = "facility_label";
|
||||||
"kern" # Kernel messages
|
template = createTemplateLine [
|
||||||
"user" # User-level messages
|
"kern" # Kernel messages
|
||||||
"mail" # Mail system Archaic POSIX still supported and sometimes used (for more mail(1))
|
"user" # User-level messages
|
||||||
"daemon" # System daemons All daemons, including systemd and its subsystems
|
"mail" # Mail system Archaic POSIX still supported and sometimes used (for more mail(1))
|
||||||
"auth" # Security/authorization messages Also watch for different facility 10
|
"daemon" # System daemons All daemons, including systemd and its subsystems
|
||||||
"syslog" # Messages generated internally by syslogd For syslogd implementations (not used by systemd, see facility 3)
|
"auth" # Security/authorization messages Also watch for different facility 10
|
||||||
"lpr" # Line printer subsystem (archaic subsystem)
|
"syslog" # Messages generated internally by syslogd For syslogd implementations (not used by systemd, see facility 3)
|
||||||
"news" # Network news subsystem (archaic subsystem)
|
"lpr" # Line printer subsystem (archaic subsystem)
|
||||||
"uucp" # UUCP subsystem (archaic subsystem)
|
"news" # Network news subsystem (archaic subsystem)
|
||||||
"clock" # Clock daemon systemd-timesyncd
|
"uucp" # UUCP subsystem (archaic subsystem)
|
||||||
"authpriv" # Security/authorization messages Also watch for different facility 4
|
"clock" # Clock daemon systemd-timesyncd
|
||||||
"ftp" # FTP daemon
|
"authpriv" # Security/authorization messages Also watch for different facility 4
|
||||||
"-" # NTP subsystem
|
"ftp" # FTP daemon
|
||||||
"-" # Log audit
|
"-" # NTP subsystem
|
||||||
"-" # Log alert
|
"-" # Log audit
|
||||||
"cron" # Scheduling daemon
|
"-" # Log alert
|
||||||
"local0" # Local use 0 (local0)
|
"cron" # Scheduling daemon
|
||||||
"local1" # Local use 1 (local1)
|
"local0" # Local use 0 (local0)
|
||||||
"local2" # Local use 2 (local2)
|
"local1" # Local use 1 (local1)
|
||||||
"local3" # Local use 3 (local3)
|
"local2" # Local use 2 (local2)
|
||||||
"local4" # Local use 4 (local4)
|
"local3" # Local use 3 (local3)
|
||||||
"local5" # Local use 5 (local5)
|
"local4" # Local use 4 (local4)
|
||||||
"local6" # Local use 6 (local6)
|
"local5" # Local use 5 (local5)
|
||||||
"local7" # Local use 7 (local7)
|
"local6" # Local use 6 (local6)
|
||||||
];
|
"local7" # Local use 7 (local7)
|
||||||
};
|
];
|
||||||
|
};
|
||||||
}
|
}
|
||||||
{
|
{
|
||||||
# Key is REQUIRED and the name for the label that will be created.
|
# Key is REQUIRED and the name for the label that will be created.
|
||||||
|
|
|
@ -1,9 +1,4 @@
|
||||||
{
|
{ pkgs, config, lib, ... }:
|
||||||
pkgs,
|
|
||||||
config,
|
|
||||||
lib,
|
|
||||||
...
|
|
||||||
}:
|
|
||||||
with lib;
|
with lib;
|
||||||
with types;
|
with types;
|
||||||
{
|
{
|
||||||
|
@ -23,11 +18,9 @@ with types;
|
||||||
{
|
{
|
||||||
job_name = "zfs";
|
job_name = "zfs";
|
||||||
scrape_interval = "10s";
|
scrape_interval = "10s";
|
||||||
static_configs = [
|
static_configs = [{
|
||||||
{
|
targets = [ "127.0.0.1:${toString config.services.prometheus.exporters.zfs.port}" ];
|
||||||
targets = [ "127.0.0.1:${toString config.services.prometheus.exporters.zfs.port}" ];
|
}];
|
||||||
}
|
|
||||||
];
|
|
||||||
}
|
}
|
||||||
];
|
];
|
||||||
service.pipelines.metrics.receivers = [ "prometheus" ];
|
service.pipelines.metrics.receivers = [ "prometheus" ];
|
||||||
|
|
|
@ -1,9 +1,4 @@
|
||||||
{
|
{ lib, pkgs, config, ... }:
|
||||||
lib,
|
|
||||||
pkgs,
|
|
||||||
config,
|
|
||||||
...
|
|
||||||
}:
|
|
||||||
with lib;
|
with lib;
|
||||||
with types;
|
with types;
|
||||||
{
|
{
|
||||||
|
@ -23,7 +18,7 @@ with types;
|
||||||
scrape_interval = "10s";
|
scrape_interval = "10s";
|
||||||
metrics_path = "/api/v1/allmetrics";
|
metrics_path = "/api/v1/allmetrics";
|
||||||
params.format = [ "prometheus" ];
|
params.format = [ "prometheus" ];
|
||||||
static_configs = [ { targets = [ "127.0.0.1:19999" ]; } ];
|
static_configs = [{ targets = [ "127.0.0.1:19999" ]; }];
|
||||||
}
|
}
|
||||||
];
|
];
|
||||||
|
|
||||||
|
|
|
@ -36,7 +36,7 @@ in
|
||||||
job_name = "opentelemetry";
|
job_name = "opentelemetry";
|
||||||
metrics_path = "/metrics";
|
metrics_path = "/metrics";
|
||||||
scrape_interval = "10s";
|
scrape_interval = "10s";
|
||||||
static_configs = [ { targets = [ "localhost:${toString cfg.port}" ]; } ];
|
static_configs = [{ targets = [ "localhost:${toString cfg.port}" ]; }];
|
||||||
}
|
}
|
||||||
];
|
];
|
||||||
})
|
})
|
||||||
|
|
|
@ -1,9 +1,4 @@
|
||||||
{
|
{ config, pkgs, lib, ... }:
|
||||||
config,
|
|
||||||
pkgs,
|
|
||||||
lib,
|
|
||||||
...
|
|
||||||
}:
|
|
||||||
with lib;
|
with lib;
|
||||||
with types;
|
with types;
|
||||||
let
|
let
|
||||||
|
@ -29,9 +24,7 @@ in
|
||||||
receivers.influxdb.endpoint = "127.0.0.1:${toString cfg.influxDBPort}";
|
receivers.influxdb.endpoint = "127.0.0.1:${toString cfg.influxDBPort}";
|
||||||
service.pipelines.metrics.receivers = [ "influxdb" ];
|
service.pipelines.metrics.receivers = [ "influxdb" ];
|
||||||
};
|
};
|
||||||
services.telegraf.extraConfig.outputs.influxdb_v2.urls = [
|
services.telegraf.extraConfig.outputs.influxdb_v2.urls = [ "http://127.0.0.1:${toString cfg.influxDBPort}" ];
|
||||||
"http://127.0.0.1:${toString cfg.influxDBPort}"
|
|
||||||
];
|
|
||||||
})
|
})
|
||||||
|
|
||||||
(mkIf config.components.monitor.telegraf.enable {
|
(mkIf config.components.monitor.telegraf.enable {
|
||||||
|
@ -48,7 +41,7 @@ in
|
||||||
processes = { };
|
processes = { };
|
||||||
system = { };
|
system = { };
|
||||||
systemd_units = { };
|
systemd_units = { };
|
||||||
ping = [ { urls = [ "10.100.0.1" ]; } ]; # actually important to make machine visible over wireguard
|
ping = [{ urls = [ "10.100.0.1" ]; }]; # actually important to make machine visible over wireguard
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
|
@ -1,9 +1,4 @@
|
||||||
{
|
{ pkgs, config, lib, ... }:
|
||||||
pkgs,
|
|
||||||
config,
|
|
||||||
lib,
|
|
||||||
...
|
|
||||||
}:
|
|
||||||
with lib;
|
with lib;
|
||||||
with types;
|
with types;
|
||||||
let
|
let
|
||||||
|
@ -27,10 +22,7 @@ in
|
||||||
description = "endpoint to ship opentelementry data too";
|
description = "endpoint to ship opentelementry data too";
|
||||||
};
|
};
|
||||||
exporter.debug = mkOption {
|
exporter.debug = mkOption {
|
||||||
type = nullOr (enum [
|
type = nullOr (enum [ "logs" "metrics" ]);
|
||||||
"logs"
|
|
||||||
"metrics"
|
|
||||||
]);
|
|
||||||
default = null;
|
default = null;
|
||||||
description = "enable debug exporter.";
|
description = "enable debug exporter.";
|
||||||
};
|
};
|
||||||
|
@ -69,13 +61,11 @@ in
|
||||||
include = ".*";
|
include = ".*";
|
||||||
match_type = "regexp";
|
match_type = "regexp";
|
||||||
action = "update";
|
action = "update";
|
||||||
operations = [
|
operations = [{
|
||||||
{
|
action = "add_label";
|
||||||
action = "add_label";
|
new_label = "machine";
|
||||||
new_label = "machine";
|
new_value = config.networking.hostName;
|
||||||
new_value = config.networking.hostName;
|
}];
|
||||||
}
|
|
||||||
];
|
|
||||||
}
|
}
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
|
@ -95,6 +85,7 @@ in
|
||||||
};
|
};
|
||||||
})
|
})
|
||||||
|
|
||||||
|
|
||||||
(mkIf (config.components.monitor.opentelemetry.exporter.debug != null) {
|
(mkIf (config.components.monitor.opentelemetry.exporter.debug != null) {
|
||||||
services.opentelemetry-collector.settings = {
|
services.opentelemetry-collector.settings = {
|
||||||
exporters.debug = {
|
exporters.debug = {
|
||||||
|
@ -120,26 +111,24 @@ in
|
||||||
})
|
})
|
||||||
(mkIf
|
(mkIf
|
||||||
(
|
(
|
||||||
config.components.monitor.opentelemetry.exporter.endpoint != null
|
config.components.monitor.opentelemetry.exporter.endpoint != null &&
|
||||||
&& config.components.monitor.logs.enable
|
config.components.monitor.logs.enable
|
||||||
)
|
)
|
||||||
{
|
{
|
||||||
services.opentelemetry-collector.settings = {
|
services.opentelemetry-collector.settings = {
|
||||||
service.pipelines.logs.exporters = [ "otlp" ];
|
service.pipelines.logs.exporters = [ "otlp" ];
|
||||||
};
|
};
|
||||||
}
|
})
|
||||||
)
|
|
||||||
(mkIf
|
(mkIf
|
||||||
(
|
(
|
||||||
config.components.monitor.opentelemetry.exporter.endpoint != null
|
config.components.monitor.opentelemetry.exporter.endpoint != null &&
|
||||||
&& config.components.monitor.metrics.enable
|
config.components.monitor.metrics.enable
|
||||||
)
|
)
|
||||||
{
|
{
|
||||||
services.opentelemetry-collector.settings = {
|
services.opentelemetry-collector.settings = {
|
||||||
service.pipelines.metrics.exporters = [ "otlp" ];
|
service.pipelines.metrics.exporters = [ "otlp" ];
|
||||||
};
|
};
|
||||||
}
|
})
|
||||||
)
|
|
||||||
|
|
||||||
# ship from other instance
|
# ship from other instance
|
||||||
(mkIf (config.components.monitor.opentelemetry.receiver.endpoint != null) {
|
(mkIf (config.components.monitor.opentelemetry.receiver.endpoint != null) {
|
||||||
|
@ -149,26 +138,26 @@ in
|
||||||
})
|
})
|
||||||
(mkIf
|
(mkIf
|
||||||
(
|
(
|
||||||
config.components.monitor.opentelemetry.receiver.endpoint != null
|
config.components.monitor.opentelemetry.receiver.endpoint != null &&
|
||||||
&& config.components.monitor.logs.enable
|
config.components.monitor.logs.enable
|
||||||
)
|
)
|
||||||
{
|
{
|
||||||
services.opentelemetry-collector.settings = {
|
services.opentelemetry-collector.settings = {
|
||||||
service.pipelines.logs.receivers = [ "otlp" ];
|
service.pipelines.logs.receivers = [ "otlp" ];
|
||||||
};
|
};
|
||||||
}
|
})
|
||||||
)
|
|
||||||
(mkIf
|
(mkIf
|
||||||
(
|
(
|
||||||
config.components.monitor.opentelemetry.receiver.endpoint != null
|
config.components.monitor.opentelemetry.receiver.endpoint != null &&
|
||||||
&& config.components.monitor.metrics.enable
|
config.components.monitor.metrics.enable
|
||||||
)
|
)
|
||||||
{
|
{
|
||||||
services.opentelemetry-collector.settings = {
|
services.opentelemetry-collector.settings = {
|
||||||
service.pipelines.metrics.receivers = [ "otlp" ];
|
service.pipelines.metrics.receivers = [ "otlp" ];
|
||||||
};
|
};
|
||||||
}
|
})
|
||||||
)
|
|
||||||
|
|
||||||
|
|
||||||
# scrape opentelemetry-colectors metrics
|
# scrape opentelemetry-colectors metrics
|
||||||
# todo: this should be collected another way (opentelemetry internal?)
|
# todo: this should be collected another way (opentelemetry internal?)
|
||||||
|
@ -180,11 +169,9 @@ in
|
||||||
{
|
{
|
||||||
job_name = "otelcol";
|
job_name = "otelcol";
|
||||||
scrape_interval = "10s";
|
scrape_interval = "10s";
|
||||||
static_configs = [
|
static_configs = [{
|
||||||
{
|
targets = [ cfg.metrics.endpoint ];
|
||||||
targets = [ cfg.metrics.endpoint ];
|
}];
|
||||||
}
|
|
||||||
];
|
|
||||||
metric_relabel_configs = [
|
metric_relabel_configs = [
|
||||||
{
|
{
|
||||||
source_labels = [ "__name__" ];
|
source_labels = [ "__name__" ];
|
||||||
|
@ -208,7 +195,7 @@ in
|
||||||
|
|
||||||
};
|
};
|
||||||
})
|
})
|
||||||
(mkIf (!config.components.monitor.metrics.enable) {
|
(mkIf (! config.components.monitor.metrics.enable) {
|
||||||
services.opentelemetry-collector.settings = {
|
services.opentelemetry-collector.settings = {
|
||||||
service.telemetry.metrics.level = "none";
|
service.telemetry.metrics.level = "none";
|
||||||
};
|
};
|
||||||
|
|
|
@ -1,10 +1,4 @@
|
||||||
{
|
{ config, lib, pkgs, assets, ... }:
|
||||||
config,
|
|
||||||
lib,
|
|
||||||
pkgs,
|
|
||||||
assets,
|
|
||||||
...
|
|
||||||
}:
|
|
||||||
with lib;
|
with lib;
|
||||||
{
|
{
|
||||||
options.components.network.nginx.enable = mkOption {
|
options.components.network.nginx.enable = mkOption {
|
||||||
|
@ -22,13 +16,8 @@ with lib;
|
||||||
|
|
||||||
environment.systemPackages = [
|
environment.systemPackages = [
|
||||||
pkgs.nginx-config-formatter
|
pkgs.nginx-config-formatter
|
||||||
(pkgs.writers.writePython3Bin "nginx-show-config" {
|
(pkgs.writers.writePython3Bin "nginx-show-config" { flakeIgnore = [ "E265" "E225" "W292" ]; }
|
||||||
flakeIgnore = [
|
(lib.fileContents "${assets}/nginx-show-config.py"))
|
||||||
"E265"
|
|
||||||
"E225"
|
|
||||||
"W292"
|
|
||||||
];
|
|
||||||
} (lib.fileContents "${assets}/nginx-show-config.py"))
|
|
||||||
];
|
];
|
||||||
|
|
||||||
security.acme.defaults.email = "contact@ingolf-wagner.de";
|
security.acme.defaults.email = "contact@ingolf-wagner.de";
|
||||||
|
@ -96,11 +85,7 @@ with lib;
|
||||||
root = pkgs.landingpage.override {
|
root = pkgs.landingpage.override {
|
||||||
jsonConfig =
|
jsonConfig =
|
||||||
let
|
let
|
||||||
entry =
|
entry = { machine, items ? [ ] }:
|
||||||
{
|
|
||||||
machine,
|
|
||||||
items ? [ ],
|
|
||||||
}:
|
|
||||||
{
|
{
|
||||||
text = machine;
|
text = machine;
|
||||||
items = [
|
items = [
|
||||||
|
@ -189,12 +174,14 @@ with lib;
|
||||||
{
|
{
|
||||||
label = "Hetzner Cloud";
|
label = "Hetzner Cloud";
|
||||||
href = "https://console.hetzner.cloud/projects";
|
href = "https://console.hetzner.cloud/projects";
|
||||||
image = "https://media.giphy.com/media/NECZ8crkbXR0k/giphy.gif";
|
image =
|
||||||
|
"https://media.giphy.com/media/NECZ8crkbXR0k/giphy.gif";
|
||||||
}
|
}
|
||||||
{
|
{
|
||||||
label = "Cups";
|
label = "Cups";
|
||||||
href = "http://localhost:631/";
|
href = "http://localhost:631/";
|
||||||
image = "https://media.giphy.com/media/7hU7x4GPurk2c/giphy.gif";
|
image =
|
||||||
|
"https://media.giphy.com/media/7hU7x4GPurk2c/giphy.gif";
|
||||||
}
|
}
|
||||||
];
|
];
|
||||||
}
|
}
|
||||||
|
@ -204,42 +191,52 @@ with lib;
|
||||||
{
|
{
|
||||||
label = "NixOS Manual";
|
label = "NixOS Manual";
|
||||||
href = "https://nixos.org/nixos/manual/";
|
href = "https://nixos.org/nixos/manual/";
|
||||||
image = "https://media.giphy.com/media/dsdVyKkSqccEzoPufX/giphy.gif";
|
image =
|
||||||
|
"https://media.giphy.com/media/dsdVyKkSqccEzoPufX/giphy.gif";
|
||||||
}
|
}
|
||||||
{
|
{
|
||||||
label = "Nixpkgs Manual";
|
label = "Nixpkgs Manual";
|
||||||
href = "https://nixos.org/nixpkgs/manual/";
|
href = "https://nixos.org/nixpkgs/manual/";
|
||||||
image = "https://media.giphy.com/media/dsdVyKkSqccEzoPufX/giphy.gif";
|
image =
|
||||||
|
"https://media.giphy.com/media/dsdVyKkSqccEzoPufX/giphy.gif";
|
||||||
}
|
}
|
||||||
{
|
{
|
||||||
label = "NixOS Reference";
|
label = "NixOS Reference";
|
||||||
href = "https://storage.googleapis.com/files.tazj.in/nixdoc/manual.html#sec-functions-library";
|
href =
|
||||||
image = "https://media.giphy.com/media/LkjlH3rVETgsg/giphy.gif";
|
"https://storage.googleapis.com/files.tazj.in/nixdoc/manual.html#sec-functions-library";
|
||||||
|
image =
|
||||||
|
"https://media.giphy.com/media/LkjlH3rVETgsg/giphy.gif";
|
||||||
}
|
}
|
||||||
{
|
{
|
||||||
label = "Nix Packages";
|
label = "Nix Packages";
|
||||||
href = "https://nixos.org/nixos/packages.html";
|
href = "https://nixos.org/nixos/packages.html";
|
||||||
image = "https://media.giphy.com/media/l2YWlohvjPnsvkdEc/giphy.gif";
|
image =
|
||||||
|
"https://media.giphy.com/media/l2YWlohvjPnsvkdEc/giphy.gif";
|
||||||
}
|
}
|
||||||
{
|
{
|
||||||
label = "NixOS Language specific helpers";
|
label = "NixOS Language specific helpers";
|
||||||
href = "https://nixos.wiki/wiki/Language-specific_package_helpers";
|
href =
|
||||||
image = "https://media.giphy.com/media/LkjlH3rVETgsg/giphy.gif";
|
"https://nixos.wiki/wiki/Language-specific_package_helpers";
|
||||||
|
image =
|
||||||
|
"https://media.giphy.com/media/LkjlH3rVETgsg/giphy.gif";
|
||||||
}
|
}
|
||||||
{
|
{
|
||||||
label = "NixOS Weekly";
|
label = "NixOS Weekly";
|
||||||
href = "https://weekly.nixos.org/";
|
href = "https://weekly.nixos.org/";
|
||||||
image = "https://media.giphy.com/media/lXiRLb0xFzmreM8k8/giphy.gif";
|
image =
|
||||||
|
"https://media.giphy.com/media/lXiRLb0xFzmreM8k8/giphy.gif";
|
||||||
}
|
}
|
||||||
{
|
{
|
||||||
label = "NixOS Security";
|
label = "NixOS Security";
|
||||||
href = "https://broken.sh/";
|
href = "https://broken.sh/";
|
||||||
image = "https://media.giphy.com/media/BqILAHjH1Ttm0/giphy.gif";
|
image =
|
||||||
|
"https://media.giphy.com/media/BqILAHjH1Ttm0/giphy.gif";
|
||||||
}
|
}
|
||||||
{
|
{
|
||||||
label = "NixOS RFCs";
|
label = "NixOS RFCs";
|
||||||
href = "https://github.com/NixOS/rfcs/";
|
href = "https://github.com/NixOS/rfcs/";
|
||||||
image = "https://media.giphy.com/media/Uq9bGjGKg08M0/giphy.gif";
|
image =
|
||||||
|
"https://media.giphy.com/media/Uq9bGjGKg08M0/giphy.gif";
|
||||||
}
|
}
|
||||||
];
|
];
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,10 +1,4 @@
|
||||||
{
|
{ pkgs, config, lib, assets, ... }:
|
||||||
pkgs,
|
|
||||||
config,
|
|
||||||
lib,
|
|
||||||
assets,
|
|
||||||
...
|
|
||||||
}:
|
|
||||||
with lib;
|
with lib;
|
||||||
with types;
|
with types;
|
||||||
let
|
let
|
||||||
|
@ -12,7 +6,8 @@ let
|
||||||
cfg = config.components.network.sshd;
|
cfg = config.components.network.sshd;
|
||||||
|
|
||||||
# maybe ascii-image-converter is also nice here
|
# maybe ascii-image-converter is also nice here
|
||||||
sshBanner = pkgs.runCommand "ssh-banner" { nativeBuildInputs = [ pkgs.boxes ]; } ''
|
sshBanner = pkgs.runCommand "ssh-banner"
|
||||||
|
{ nativeBuildInputs = [ pkgs.boxes ]; } ''
|
||||||
echo "${config.networking.hostName}" | boxes -d ansi -s 80x1 -a r > $out
|
echo "${config.networking.hostName}" | boxes -d ansi -s 80x1 -a r > $out
|
||||||
'';
|
'';
|
||||||
|
|
||||||
|
|
|
@ -1,10 +1,4 @@
|
||||||
{
|
{ pkgs, config, lib, clanLib, ... }:
|
||||||
pkgs,
|
|
||||||
config,
|
|
||||||
lib,
|
|
||||||
clanLib,
|
|
||||||
...
|
|
||||||
}:
|
|
||||||
with lib;
|
with lib;
|
||||||
let
|
let
|
||||||
publicKey = clanLib.readFact "ssh.id_ed25519.pub";
|
publicKey = clanLib.readFact "ssh.id_ed25519.pub";
|
||||||
|
|
|
@ -1,9 +1,4 @@
|
||||||
{
|
{ pkgs, config, lib, ... }:
|
||||||
pkgs,
|
|
||||||
config,
|
|
||||||
lib,
|
|
||||||
...
|
|
||||||
}:
|
|
||||||
with lib;
|
with lib;
|
||||||
{
|
{
|
||||||
config = mkIf (config.components.network.sshd.enable) {
|
config = mkIf (config.components.network.sshd.enable) {
|
||||||
|
@ -33,66 +28,65 @@ with lib;
|
||||||
};
|
};
|
||||||
gitlab = {
|
gitlab = {
|
||||||
hostNames = [ "gitlab.com" ];
|
hostNames = [ "gitlab.com" ];
|
||||||
publicKey = "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBFSMqzJeV9rUzU4kWitGjeR4PWSa29SPqJ1fVkhtj3Hw9xjLVXVYrU9QlYWrOLXBpQ6KWjbjTDTdDkoohFzgbEY=";
|
publicKey =
|
||||||
|
"ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBFSMqzJeV9rUzU4kWitGjeR4PWSa29SPqJ1fVkhtj3Hw9xjLVXVYrU9QlYWrOLXBpQ6KWjbjTDTdDkoohFzgbEY=";
|
||||||
};
|
};
|
||||||
gitlab-bk = {
|
gitlab-bk = {
|
||||||
hostNames = [
|
hostNames = [ "gitlab.bk-bund-berlin.de" "116.203.133.59" ];
|
||||||
"gitlab.bk-bund-berlin.de"
|
publicKey =
|
||||||
"116.203.133.59"
|
"ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBCG/sjnOlbrmpUliFtM5fmZTcm2wpUoP5OQEzFrrkkwhstCO9fMty9mp5qnKlezYA9+l78RTd218qFjSKYxTQNw=";
|
||||||
];
|
|
||||||
publicKey = "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBCG/sjnOlbrmpUliFtM5fmZTcm2wpUoP5OQEzFrrkkwhstCO9fMty9mp5qnKlezYA9+l78RTd218qFjSKYxTQNw=";
|
|
||||||
};
|
};
|
||||||
# space-left
|
# space-left
|
||||||
gitlabSpaceLeft = {
|
gitlabSpaceLeft = {
|
||||||
hostNames = [ "git.space-left.org" ];
|
hostNames = [ "git.space-left.org" ];
|
||||||
publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAapztj8I3xy6Ea8A1q7Mo5C6zdgsK1bguAXcKUDCRBO";
|
publicKey =
|
||||||
|
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAapztj8I3xy6Ea8A1q7Mo5C6zdgsK1bguAXcKUDCRBO";
|
||||||
};
|
};
|
||||||
# c-base
|
# c-base
|
||||||
"bnd-cbase" = {
|
"bnd-cbase" = {
|
||||||
hostNames = [ "bnd.cbrp3.c-base.org" ];
|
hostNames = [ "bnd.cbrp3.c-base.org" ];
|
||||||
publicKey = "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBKDknNl4M2WZChp1N/eRIpem2AEOceGIqvjo0ptBuwxUn0w0B8MGTVqoI+pnUVypORJRoNrLPOAkmEVr32BDN3E=";
|
publicKey =
|
||||||
|
"ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBKDknNl4M2WZChp1N/eRIpem2AEOceGIqvjo0ptBuwxUn0w0B8MGTVqoI+pnUVypORJRoNrLPOAkmEVr32BDN3E=";
|
||||||
};
|
};
|
||||||
"shell.cbase" = {
|
"shell.cbase" = {
|
||||||
hostNames = [ "shell.c-base.org" ];
|
hostNames = [ "shell.c-base.org" ];
|
||||||
publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOBKBn0mZtG3KWxpFqqcog8zvdIVrZmwj+ARujuNIAfo";
|
publicKey =
|
||||||
|
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOBKBn0mZtG3KWxpFqqcog8zvdIVrZmwj+ARujuNIAfo";
|
||||||
};
|
};
|
||||||
"kgb.cbase" = {
|
"kgb.cbase" = {
|
||||||
hostNames = [ "kgb.cbrp3.c-base.org" ];
|
hostNames = [ "kgb.cbrp3.c-base.org" ];
|
||||||
publicKey = "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBAdyl7fnnCqomghJ1TDbh5FWFQWFwoO1Y1U/FpmWd8a9RcQvN0Izhg/7A+7ptDxbmpVii8hqfghlqUwtvVy7jo8=";
|
publicKey =
|
||||||
|
"ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBAdyl7fnnCqomghJ1TDbh5FWFQWFwoO1Y1U/FpmWd8a9RcQvN0Izhg/7A+7ptDxbmpVii8hqfghlqUwtvVy7jo8=";
|
||||||
};
|
};
|
||||||
"cns.cbase" = {
|
"cns.cbase" = {
|
||||||
hostNames = [ "cns.c-base.org" ];
|
hostNames = [ "cns.c-base.org" ];
|
||||||
publicKey = "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBOtlyLA2nMK9Uqpv4EbWS+rZ9Mx4bAjURmH+zrXkuRGBcU1cKm+TZfWe9/rPX57KaMPBDyIygOJIsM2T5SqX90A=";
|
publicKey =
|
||||||
|
"ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBOtlyLA2nMK9Uqpv4EbWS+rZ9Mx4bAjURmH+zrXkuRGBcU1cKm+TZfWe9/rPX57KaMPBDyIygOJIsM2T5SqX90A=";
|
||||||
};
|
};
|
||||||
"lassulus" = {
|
"lassulus" = {
|
||||||
hostNames = [ "[lassul.us]:45621" ];
|
hostNames = [ "[lassul.us]:45621" ];
|
||||||
publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAsANFdMi825qWQXQbWLYuNZ6/fARt3lnh1KStQHQQMD";
|
publicKey =
|
||||||
|
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAsANFdMi825qWQXQbWLYuNZ6/fARt3lnh1KStQHQQMD";
|
||||||
};
|
};
|
||||||
renoise = {
|
renoise = {
|
||||||
hostNames = [
|
hostNames = [ "*.renoise.com" "renoise.com" "94.130.128.97" ];
|
||||||
"*.renoise.com"
|
publicKey =
|
||||||
"renoise.com"
|
"ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBLXxhBlYQJxgcLqKywpl1tI1N/+B5bkptAnR2a3tsRybq0IHZnIkSRGUYcu5zPwJT+bitVw8BvIaGzxI+Zm2ivE=";
|
||||||
"94.130.128.97"
|
|
||||||
];
|
|
||||||
publicKey = "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBLXxhBlYQJxgcLqKywpl1tI1N/+B5bkptAnR2a3tsRybq0IHZnIkSRGUYcu5zPwJT+bitVw8BvIaGzxI+Zm2ivE=";
|
|
||||||
};
|
};
|
||||||
git-renoise = {
|
git-renoise = {
|
||||||
hostNames = [
|
hostNames = [ "[git.renoise.com]:2229" "[94.130.128.97]:2229" ];
|
||||||
"[git.renoise.com]:2229"
|
publicKey =
|
||||||
"[94.130.128.97]:2229"
|
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCmIOTjQsD1TaD9MiECcRqwfAXfRdbI+2pkuF+zhBUkrX41NA4LzifPY4Iw3PlklE0YGIOzYyNitzkdgxIWkeqa0Y9iL3gGZBuLFORj5YXWlDKB2RrPAsZRL8y69y4H6RWPpL6DHHsf9eT+HgRzWzzn5nUFLfkCsuM96BqjIKN1pinIBcE6gst1UUSwSTjK8XZA5d4BiSrLF4HiNXnDm+qniYGbGkzZcjn1ua+l0GdGbfg9TotFnSK/QXgN3MeHHDZKnIjOIkOXCY+L5URe0RHo6pBFdj+BLr211AJhB52MrDNudQcY6eSQiJ08LeE6SkcrsQO/VZ/JnOkHxHd2mOyH";
|
||||||
];
|
|
||||||
publicKey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCmIOTjQsD1TaD9MiECcRqwfAXfRdbI+2pkuF+zhBUkrX41NA4LzifPY4Iw3PlklE0YGIOzYyNitzkdgxIWkeqa0Y9iL3gGZBuLFORj5YXWlDKB2RrPAsZRL8y69y4H6RWPpL6DHHsf9eT+HgRzWzzn5nUFLfkCsuM96BqjIKN1pinIBcE6gst1UUSwSTjK8XZA5d4BiSrLF4HiNXnDm+qniYGbGkzZcjn1ua+l0GdGbfg9TotFnSK/QXgN3MeHHDZKnIjOIkOXCY+L5URe0RHo6pBFdj+BLr211AJhB52MrDNudQcY6eSQiJ08LeE6SkcrsQO/VZ/JnOkHxHd2mOyH";
|
|
||||||
};
|
};
|
||||||
"siteground" = {
|
"siteground" = {
|
||||||
hostNames = [
|
hostNames = [ "[es5.siteground.eu]:18765" "[37.60.224.6]:18765" ];
|
||||||
"[es5.siteground.eu]:18765"
|
publicKey =
|
||||||
"[37.60.224.6]:18765"
|
"ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBHZuvHooyHa69rU+SfOghM6yfc7bce5cMi9sh5JkoLPi+m8QEkX3oiG9rRpAhp0GYnB74M4l1+0XlxmG7/HVmq0=";
|
||||||
];
|
|
||||||
publicKey = "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBHZuvHooyHa69rU+SfOghM6yfc7bce5cMi9sh5JkoLPi+m8QEkX3oiG9rRpAhp0GYnB74M4l1+0XlxmG7/HVmq0=";
|
|
||||||
};
|
};
|
||||||
"cracksucht.de" = {
|
"cracksucht.de" = {
|
||||||
hostNames = [ "cracksucht.de" ];
|
hostNames = [ "cracksucht.de" ];
|
||||||
publicKey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDVqpWzX+C7veO/1MDSdh5ukFhpI4cfXevbl6DVb9gVt1wdYB0JsiMiWfl13MZJy9iEP/KfwRLYmu8i36tDR9uJfHQyLK8G7q2DhrleIPgM3dFCdDU1QtulE8hEq/ZsqzMn/QIHYIipIqzNfmC/xnpX2gIo09T7EY+n863ALlj+GqxMb4nr2XDLY+Lllo2yMzylJIz9q8U5hOmzrlCnBpf2MPMwanHXnZXj2CmO80VyBHnAMJ/h72AN1qzDaHFlhxh0Li/POc1bpDjiVjiUPgimHZWpi3VObxWLLn2zf+RH2lx0yXMccSEnkWvHp+Ll5apIUUS+vTlDo3niWpEfGZLl root@debian";
|
publicKey =
|
||||||
|
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDVqpWzX+C7veO/1MDSdh5ukFhpI4cfXevbl6DVb9gVt1wdYB0JsiMiWfl13MZJy9iEP/KfwRLYmu8i36tDR9uJfHQyLK8G7q2DhrleIPgM3dFCdDU1QtulE8hEq/ZsqzMn/QIHYIipIqzNfmC/xnpX2gIo09T7EY+n863ALlj+GqxMb4nr2XDLY+Lllo2yMzylJIz9q8U5hOmzrlCnBpf2MPMwanHXnZXj2CmO80VyBHnAMJ/h72AN1qzDaHFlhxh0Li/POc1bpDjiVjiUPgimHZWpi3VObxWLLn2zf+RH2lx0yXMccSEnkWvHp+Ll5apIUUS+vTlDo3niWpEfGZLl root@debian";
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
|
@ -1,34 +1,34 @@
|
||||||
{
|
{ lib, config, clanLib, ... }:
|
||||||
lib,
|
|
||||||
config,
|
|
||||||
clanLib,
|
|
||||||
...
|
|
||||||
}:
|
|
||||||
with lib;
|
with lib;
|
||||||
with types;
|
with types;
|
||||||
let
|
let
|
||||||
machines = clanLib.allMachineNames;
|
machines = clanLib.allMachineNames;
|
||||||
publicKey = clanLib.readFact "ssh.id_ed25519.pub";
|
publicKey = clanLib.readFact "ssh.id_ed25519.pub";
|
||||||
tld = config.clan.static-hosts.topLevelDomain;
|
tld = config.clan.static-hosts.topLevelDomain;
|
||||||
knownHosts = lib.genAttrs machines (machine: {
|
knownHosts = lib.genAttrs machines
|
||||||
hostNames = [
|
(machine:
|
||||||
"${machine}"
|
{
|
||||||
"${machine}.${tld}"
|
hostNames = [
|
||||||
"${machine}.private"
|
"${machine}"
|
||||||
];
|
"${machine}.${tld}"
|
||||||
publicKey = publicKey machine;
|
"${machine}.private"
|
||||||
});
|
];
|
||||||
|
publicKey = publicKey machine;
|
||||||
|
}
|
||||||
|
);
|
||||||
bootMachines = clanLib.readFactFromAllMachines "ssh.boot.id_ed25519.pub";
|
bootMachines = clanLib.readFactFromAllMachines "ssh.boot.id_ed25519.pub";
|
||||||
knownBootHosts = lib.mapAttrs' (
|
knownBootHosts = lib.mapAttrs'
|
||||||
machine: publicKey:
|
(machine: publicKey: nameValuePair
|
||||||
nameValuePair "boot_${machine}" {
|
"boot_${machine}"
|
||||||
inherit publicKey;
|
{
|
||||||
hostNames = [
|
inherit publicKey;
|
||||||
"[${machine}]:2222"
|
hostNames = [
|
||||||
"[${machine}.public]:2222"
|
"[${machine}]:2222"
|
||||||
];
|
"[${machine}.public]:2222"
|
||||||
}
|
];
|
||||||
) bootMachines;
|
}
|
||||||
|
)
|
||||||
|
bootMachines;
|
||||||
in
|
in
|
||||||
{
|
{
|
||||||
|
|
||||||
|
|
|
@ -1,13 +1,5 @@
|
||||||
{
|
{ config, lib, pkgs, factsGenerator, clanLib, ... }:
|
||||||
config,
|
with lib; {
|
||||||
lib,
|
|
||||||
pkgs,
|
|
||||||
factsGenerator,
|
|
||||||
clanLib,
|
|
||||||
...
|
|
||||||
}:
|
|
||||||
with lib;
|
|
||||||
{
|
|
||||||
|
|
||||||
# networking.firewall.interfaces."gummybears".allowedTCPPorts = [ 8384 ];
|
# networking.firewall.interfaces."gummybears".allowedTCPPorts = [ 8384 ];
|
||||||
|
|
||||||
|
@ -27,12 +19,7 @@ with lib;
|
||||||
id = facts."syncthing.pub";
|
id = facts."syncthing.pub";
|
||||||
addresses = [ "tcp://[${facts."zerotier-ip"}]:22000" ];
|
addresses = [ "tcp://[${facts."zerotier-ip"}]:22000" ];
|
||||||
})
|
})
|
||||||
(
|
(clanLib.readFactsFromAllMachines [ "syncthing.pub" "zerotier-ip" ]);
|
||||||
clanLib.readFactsFromAllMachines [
|
|
||||||
"syncthing.pub"
|
|
||||||
"zerotier-ip"
|
|
||||||
]
|
|
||||||
);
|
|
||||||
device = machine: id: {
|
device = machine: id: {
|
||||||
"${machine}" = {
|
"${machine}" = {
|
||||||
name = machine;
|
name = machine;
|
||||||
|
@ -43,26 +30,20 @@ with lib;
|
||||||
in
|
in
|
||||||
clanMachines
|
clanMachines
|
||||||
// (device "iPhone" "RPQBSRB-DYEUUWQ-EAPMBA2-PL4MJ73-Y4F4ZTH-TAD7DUE-GEK56BG-HYW6YAF")
|
// (device "iPhone" "RPQBSRB-DYEUUWQ-EAPMBA2-PL4MJ73-Y4F4ZTH-TAD7DUE-GEK56BG-HYW6YAF")
|
||||||
// (device "bumba" "JS7PWTO-VKFGBUP-GNFLSWP-MGFJ2KH-HLO2LKW-V3RPCR6-PCB5SQC-42FCKQZ");
|
// (device "bumba" "JS7PWTO-VKFGBUP-GNFLSWP-MGFJ2KH-HLO2LKW-V3RPCR6-PCB5SQC-42FCKQZ")
|
||||||
|
;
|
||||||
|
|
||||||
settings.folders = {
|
settings.folders = {
|
||||||
|
|
||||||
audiobooks = {
|
audiobooks = {
|
||||||
enable = lib.mkDefault false;
|
enable = lib.mkDefault false;
|
||||||
path = lib.mkDefault "/tmp/audiobooks";
|
path = lib.mkDefault "/tmp/audiobooks";
|
||||||
devices = [
|
devices = [ "chungus" "orbi" ];
|
||||||
"chungus"
|
|
||||||
"orbi"
|
|
||||||
];
|
|
||||||
};
|
};
|
||||||
books = {
|
books = {
|
||||||
enable = lib.mkDefault false;
|
enable = lib.mkDefault false;
|
||||||
path = lib.mkDefault "/tmp/books";
|
path = lib.mkDefault "/tmp/books";
|
||||||
devices = [
|
devices = [ "chungus" "cream" "cherry" ];
|
||||||
"chungus"
|
|
||||||
"cream"
|
|
||||||
"cherry"
|
|
||||||
];
|
|
||||||
versioning = {
|
versioning = {
|
||||||
type = "simple";
|
type = "simple";
|
||||||
params.keep = "2";
|
params.keep = "2";
|
||||||
|
@ -71,20 +52,12 @@ with lib;
|
||||||
desktop = {
|
desktop = {
|
||||||
enable = lib.mkDefault false;
|
enable = lib.mkDefault false;
|
||||||
path = lib.mkDefault "/tmp/desktop";
|
path = lib.mkDefault "/tmp/desktop";
|
||||||
devices = [
|
devices = [ "chungus" "cream" "cherry" ];
|
||||||
"chungus"
|
|
||||||
"cream"
|
|
||||||
"cherry"
|
|
||||||
];
|
|
||||||
};
|
};
|
||||||
finance = {
|
finance = {
|
||||||
enable = lib.mkDefault false;
|
enable = lib.mkDefault false;
|
||||||
path = lib.mkDefault "/tmp/finance";
|
path = lib.mkDefault "/tmp/finance";
|
||||||
devices = [
|
devices = [ "chungus" "cream" "cherry" ];
|
||||||
"chungus"
|
|
||||||
"cream"
|
|
||||||
"cherry"
|
|
||||||
];
|
|
||||||
versioning = {
|
versioning = {
|
||||||
type = "simple";
|
type = "simple";
|
||||||
params.keep = "10";
|
params.keep = "10";
|
||||||
|
@ -93,46 +66,27 @@ with lib;
|
||||||
flix = {
|
flix = {
|
||||||
enable = lib.mkDefault false;
|
enable = lib.mkDefault false;
|
||||||
path = lib.mkDefault "/tmp/flix";
|
path = lib.mkDefault "/tmp/flix";
|
||||||
devices = [
|
devices = [ "chungus" "orbi" ];
|
||||||
"chungus"
|
|
||||||
"orbi"
|
|
||||||
];
|
|
||||||
};
|
};
|
||||||
logseq = {
|
logseq = {
|
||||||
enable = lib.mkDefault false;
|
enable = lib.mkDefault false;
|
||||||
path = lib.mkDefault "/tmp/logseq";
|
path = lib.mkDefault "/tmp/logseq";
|
||||||
devices = [
|
devices = [ "chungus" "cream" "cherry" "iPhone" ];
|
||||||
"chungus"
|
|
||||||
"cream"
|
|
||||||
"cherry"
|
|
||||||
"iPhone"
|
|
||||||
];
|
|
||||||
};
|
};
|
||||||
lectures = {
|
lectures = {
|
||||||
enable = lib.mkDefault false;
|
enable = lib.mkDefault false;
|
||||||
path = lib.mkDefault "/tmp/lectures";
|
path = lib.mkDefault "/tmp/lectures";
|
||||||
devices = [
|
devices = [ "chungus" "orbi" ];
|
||||||
"chungus"
|
|
||||||
"orbi"
|
|
||||||
];
|
|
||||||
};
|
};
|
||||||
oscar_cpap = {
|
oscar_cpap = {
|
||||||
enable = lib.mkDefault false;
|
enable = lib.mkDefault false;
|
||||||
path = lib.mkDefault "/tmp/oscar_cpap";
|
path = lib.mkDefault "/tmp/oscar_cpap";
|
||||||
devices = [
|
devices = [ "chungus" "cream" "cherry" ];
|
||||||
"chungus"
|
|
||||||
"cream"
|
|
||||||
"cherry"
|
|
||||||
];
|
|
||||||
};
|
};
|
||||||
password-store = {
|
password-store = {
|
||||||
enable = lib.mkDefault false;
|
enable = lib.mkDefault false;
|
||||||
path = lib.mkDefault "/tmp/password-store";
|
path = lib.mkDefault "/tmp/password-store";
|
||||||
devices = [
|
devices = [ "chungus" "cream" "cherry" ];
|
||||||
"chungus"
|
|
||||||
"cream"
|
|
||||||
"cherry"
|
|
||||||
];
|
|
||||||
versioning = {
|
versioning = {
|
||||||
type = "simple";
|
type = "simple";
|
||||||
params.keep = "10";
|
params.keep = "10";
|
||||||
|
@ -142,11 +96,7 @@ with lib;
|
||||||
share = {
|
share = {
|
||||||
enable = lib.mkDefault false;
|
enable = lib.mkDefault false;
|
||||||
path = lib.mkDefault "/tmp/password-store";
|
path = lib.mkDefault "/tmp/password-store";
|
||||||
devices = [
|
devices = [ "cream" "cherry" "orbi" ];
|
||||||
"cream"
|
|
||||||
"cherry"
|
|
||||||
"orbi"
|
|
||||||
];
|
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
|
@ -1,10 +1,4 @@
|
||||||
{
|
{ lib, config, factsGenerator, clanLib, ... }:
|
||||||
lib,
|
|
||||||
config,
|
|
||||||
factsGenerator,
|
|
||||||
clanLib,
|
|
||||||
...
|
|
||||||
}:
|
|
||||||
with lib;
|
with lib;
|
||||||
{
|
{
|
||||||
|
|
||||||
|
@ -26,21 +20,18 @@ with lib;
|
||||||
};
|
};
|
||||||
|
|
||||||
config = mkMerge [
|
config = mkMerge [
|
||||||
(mkIf config.tinc.private.enable (
|
(mkIf config.tinc.private.enable (import ./private.nix {
|
||||||
import ./private.nix {
|
ipv4 = config.tinc.private.ipv4;
|
||||||
ipv4 = config.tinc.private.ipv4;
|
ipv6 = null;
|
||||||
ipv6 = null;
|
inherit (lib) optionalString concatStringsSep mapAttrsToList;
|
||||||
inherit (lib) optionalString concatStringsSep mapAttrsToList;
|
inherit config factsGenerator clanLib;
|
||||||
inherit config factsGenerator clanLib;
|
}))
|
||||||
}
|
(mkIf config.tinc.secret.enable (import ./secret.nix {
|
||||||
))
|
ipv4 = config.tinc.secret.ipv4;
|
||||||
(mkIf config.tinc.secret.enable (
|
ipv6 = null;
|
||||||
import ./secret.nix {
|
inherit (lib) optionalString concatStringsSep mapAttrsToList;
|
||||||
ipv4 = config.tinc.secret.ipv4;
|
inherit config factsGenerator clanLib;
|
||||||
ipv6 = null;
|
}))
|
||||||
inherit (lib) optionalString concatStringsSep mapAttrsToList;
|
|
||||||
inherit config factsGenerator clanLib;
|
|
||||||
}
|
|
||||||
))
|
|
||||||
];
|
];
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -1,13 +1,12 @@
|
||||||
{
|
{ ipv4
|
||||||
ipv4,
|
, ipv6
|
||||||
ipv6,
|
, config
|
||||||
config,
|
, optionalString
|
||||||
optionalString,
|
, concatStringsSep
|
||||||
concatStringsSep,
|
, factsGenerator
|
||||||
factsGenerator,
|
, mapAttrsToList
|
||||||
mapAttrsToList,
|
, clanLib
|
||||||
clanLib,
|
, ...
|
||||||
...
|
|
||||||
}:
|
}:
|
||||||
let
|
let
|
||||||
hosts = {
|
hosts = {
|
||||||
|
@ -52,36 +51,35 @@ in
|
||||||
|
|
||||||
services.tinc.networks = {
|
services.tinc.networks = {
|
||||||
${network} = {
|
${network} = {
|
||||||
ed25519PrivateKeyFile =
|
ed25519PrivateKeyFile = config.clan.core.facts.services.tinc_private.secret."tinc.private.ed25519_key.priv".path;
|
||||||
config.clan.core.facts.services.tinc_private.secret."tinc.private.ed25519_key.priv".path;
|
|
||||||
interfaceType = "tap";
|
interfaceType = "tap";
|
||||||
extraConfig = ''
|
extraConfig = ''
|
||||||
LocalDiscovery = yes
|
LocalDiscovery = yes
|
||||||
'';
|
'';
|
||||||
hostSettings = {
|
hostSettings = {
|
||||||
mobi = {
|
mobi = {
|
||||||
subnets = [ { address = hosts.mobi; } ];
|
subnets = [{ address = hosts.mobi; }];
|
||||||
settings.Ed25519PublicKey = "X5sp3YYevVNUrzYvi+HZ2iW5WbO0bIb58jR4jZFH6MB";
|
settings.Ed25519PublicKey = "X5sp3YYevVNUrzYvi+HZ2iW5WbO0bIb58jR4jZFH6MB";
|
||||||
};
|
};
|
||||||
bobi = {
|
bobi = {
|
||||||
subnets = [ { address = hosts.bobi; } ];
|
subnets = [{ address = hosts.bobi; }];
|
||||||
settings.Ed25519PublicKey = "jwvNd4oAgz2cWEI74VTVYU1qgPWq823/a0iEDqJ8KMD";
|
settings.Ed25519PublicKey = "jwvNd4oAgz2cWEI74VTVYU1qgPWq823/a0iEDqJ8KMD";
|
||||||
};
|
};
|
||||||
cream = {
|
cream = {
|
||||||
subnets = [ { address = hosts.cream; } ];
|
subnets = [{ address = hosts.cream; }];
|
||||||
settings.Ed25519PublicKey = Ed25519PublicKey "cream";
|
settings.Ed25519PublicKey = Ed25519PublicKey "cream";
|
||||||
};
|
};
|
||||||
cherry = {
|
cherry = {
|
||||||
subnets = [ { address = hosts.cherry; } ];
|
subnets = [{ address = hosts.cherry; }];
|
||||||
settings.Ed25519PublicKey = Ed25519PublicKey "cherry";
|
settings.Ed25519PublicKey = Ed25519PublicKey "cherry";
|
||||||
};
|
};
|
||||||
chungus = {
|
chungus = {
|
||||||
subnets = [ { address = hosts.chungus; } ];
|
subnets = [{ address = hosts.chungus; }];
|
||||||
settings.Ed25519PublicKey = Ed25519PublicKey "chungus";
|
settings.Ed25519PublicKey = Ed25519PublicKey "chungus";
|
||||||
};
|
};
|
||||||
orbi = {
|
orbi = {
|
||||||
addresses = [ { address = "95.216.66.212"; } ];
|
addresses = [{ address = "95.216.66.212"; }];
|
||||||
subnets = [ { address = hosts.orbi; } ];
|
subnets = [{ address = hosts.orbi; }];
|
||||||
settings.Ed25519PublicKey = Ed25519PublicKey "orbi";
|
settings.Ed25519PublicKey = Ed25519PublicKey "orbi";
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
@ -102,8 +100,6 @@ in
|
||||||
LinkLocalAddressing = no
|
LinkLocalAddressing = no
|
||||||
'';
|
'';
|
||||||
|
|
||||||
networking.extraHosts = concatStringsSep "\n" (
|
networking.extraHosts = concatStringsSep "\n" (mapAttrsToList (name: ip: "${ip} ${name}.${network}") (hosts // subDomains));
|
||||||
mapAttrsToList (name: ip: "${ip} ${name}.${network}") (hosts // subDomains)
|
|
||||||
);
|
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,12 +1,11 @@
|
||||||
{
|
{ ipv4
|
||||||
ipv4,
|
, ipv6
|
||||||
ipv6,
|
, config
|
||||||
config,
|
, optionalString
|
||||||
optionalString,
|
, concatStringsSep
|
||||||
concatStringsSep,
|
, mapAttrsToList
|
||||||
mapAttrsToList,
|
, factsGenerator
|
||||||
factsGenerator,
|
, ...
|
||||||
...
|
|
||||||
}:
|
}:
|
||||||
let
|
let
|
||||||
port = 721;
|
port = 721;
|
||||||
|
@ -24,37 +23,31 @@ in
|
||||||
|
|
||||||
services.tinc.networks = {
|
services.tinc.networks = {
|
||||||
${network} = {
|
${network} = {
|
||||||
ed25519PrivateKeyFile =
|
ed25519PrivateKeyFile = config.clan.core.facts.services.tinc_secret.secret."tinc.secret.ed25519_key.priv".path;
|
||||||
config.clan.core.facts.services.tinc_secret.secret."tinc.secret.ed25519_key.priv".path;
|
|
||||||
extraConfig = ''
|
extraConfig = ''
|
||||||
LocalDiscovery = yes
|
LocalDiscovery = yes
|
||||||
Port = ${toString port}
|
Port = ${toString port}
|
||||||
'';
|
'';
|
||||||
hostSettings = {
|
hostSettings = {
|
||||||
sternchen = {
|
sternchen = {
|
||||||
subnets = [ { address = hosts.sternchen; } ];
|
subnets = [{ address = hosts.sternchen; }];
|
||||||
settings.Ed25519PublicKey = "Z567IKl00Kw5JFBNwMvjL33QYe2hRoNtQcNIDFRPReB";
|
settings.Ed25519PublicKey = "Z567IKl00Kw5JFBNwMvjL33QYe2hRoNtQcNIDFRPReB";
|
||||||
};
|
};
|
||||||
cream = {
|
cream = {
|
||||||
subnets = [ { address = hosts.cream; } ];
|
subnets = [{ address = hosts.cream; }];
|
||||||
settings.Ed25519PublicKey = "Y/YRA90mAlNEmdhUWlUTHjjsco6d6hlvW11sPtarIdL";
|
settings.Ed25519PublicKey = "Y/YRA90mAlNEmdhUWlUTHjjsco6d6hlvW11sPtarIdL";
|
||||||
};
|
};
|
||||||
cherry = {
|
cherry = {
|
||||||
subnets = [ { address = hosts.cherry; } ];
|
subnets = [{ address = hosts.cherry; }];
|
||||||
settings.Ed25519PublicKey = "BsPIrZjbzn0aryC0HO3OXSb4oFCMmzNDmMDQmxUXUuC";
|
settings.Ed25519PublicKey = "BsPIrZjbzn0aryC0HO3OXSb4oFCMmzNDmMDQmxUXUuC";
|
||||||
};
|
};
|
||||||
sterni = {
|
sterni = {
|
||||||
subnets = [ { address = hosts.sterni; } ];
|
subnets = [{ address = hosts.sterni; }];
|
||||||
settings.Ed25519PublicKey = "r6mRDc814z2YtyG9ev/XXV2SgquqWR8n53V13xNXb7O";
|
settings.Ed25519PublicKey = "r6mRDc814z2YtyG9ev/XXV2SgquqWR8n53V13xNXb7O";
|
||||||
};
|
};
|
||||||
robi = {
|
robi = {
|
||||||
addresses = [
|
addresses = [{ address = "144.76.13.147"; port = port; }];
|
||||||
{
|
subnets = [{ address = hosts.robi; }];
|
||||||
address = "144.76.13.147";
|
|
||||||
port = port;
|
|
||||||
}
|
|
||||||
];
|
|
||||||
subnets = [ { address = hosts.robi; } ];
|
|
||||||
settings.Ed25519PublicKey = "bZUbSdME4fwudNVbUoNO7PpoOS2xALsyTs81F260KbL";
|
settings.Ed25519PublicKey = "bZUbSdME4fwudNVbUoNO7PpoOS2xALsyTs81F260KbL";
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
@ -75,37 +68,23 @@ in
|
||||||
LinkLocalAddressing = no
|
LinkLocalAddressing = no
|
||||||
'';
|
'';
|
||||||
|
|
||||||
networking.extraHosts = concatStringsSep "\n" (
|
networking.extraHosts = concatStringsSep "\n" (mapAttrsToList (name: ip: "${ip} ${name}.${network}") hosts);
|
||||||
mapAttrsToList (name: ip: "${ip} ${name}.${network}") hosts
|
|
||||||
);
|
|
||||||
|
|
||||||
services.openssh.knownHosts = {
|
services.openssh.knownHosts = {
|
||||||
"cream.${network}" = {
|
"cream.${network}" = {
|
||||||
hostNames = [
|
hostNames = [ "cream.${network}" hosts.cream ];
|
||||||
"cream.${network}"
|
|
||||||
hosts.cream
|
|
||||||
];
|
|
||||||
publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIConHiCL7INgAhuN6Z9TqP0zP+xNpdV7+OHwUca4IRDD";
|
publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIConHiCL7INgAhuN6Z9TqP0zP+xNpdV7+OHwUca4IRDD";
|
||||||
};
|
};
|
||||||
"sternchen.${network}" = {
|
"sternchen.${network}" = {
|
||||||
hostNames = [
|
hostNames = [ "sterni.${network}" hosts.sterni ];
|
||||||
"sterni.${network}"
|
|
||||||
hosts.sterni
|
|
||||||
];
|
|
||||||
publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILriD/0+65L1mkbjKENwpvB3wUMXz/rEf9J8wuJjJa0q";
|
publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILriD/0+65L1mkbjKENwpvB3wUMXz/rEf9J8wuJjJa0q";
|
||||||
};
|
};
|
||||||
"sterni.${network}" = {
|
"sterni.${network}" = {
|
||||||
hostNames = [
|
hostNames = [ "sterni.${network}" hosts.sterni ];
|
||||||
"sterni.${network}"
|
|
||||||
hosts.sterni
|
|
||||||
];
|
|
||||||
publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEQRH4gzT4vWSx3KN80ePPYhSPZRUae/qSyEym6pJTht";
|
publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEQRH4gzT4vWSx3KN80ePPYhSPZRUae/qSyEym6pJTht";
|
||||||
};
|
};
|
||||||
"robi" = {
|
"robi" = {
|
||||||
hostNames = [
|
hostNames = [ "robi.${network}" hosts.robi ];
|
||||||
"robi.${network}"
|
|
||||||
hosts.robi
|
|
||||||
];
|
|
||||||
publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIK2PGX6cZuBUGX4VweMzi0aRh4uQ61yngCzZGcK3w5XV";
|
publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIK2PGX6cZuBUGX4VweMzi0aRh4uQ61yngCzZGcK3w5XV";
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
|
@ -1,9 +1,4 @@
|
||||||
{
|
{ config, lib, pkgs, ... }:
|
||||||
config,
|
|
||||||
lib,
|
|
||||||
pkgs,
|
|
||||||
...
|
|
||||||
}:
|
|
||||||
with lib;
|
with lib;
|
||||||
with types;
|
with types;
|
||||||
{
|
{
|
||||||
|
@ -27,6 +22,7 @@ with types;
|
||||||
# Setting this value to 1 means to try activation once, without retry.
|
# Setting this value to 1 means to try activation once, without retry.
|
||||||
networking.networkmanager.settings.main.autoconnect-retries-default = 999;
|
networking.networkmanager.settings.main.autoconnect-retries-default = 999;
|
||||||
|
|
||||||
|
|
||||||
hardware.enableRedistributableFirmware = true;
|
hardware.enableRedistributableFirmware = true;
|
||||||
|
|
||||||
# because Networkd-wait-online is just failing.
|
# because Networkd-wait-online is just failing.
|
||||||
|
@ -51,3 +47,4 @@ with types;
|
||||||
};
|
};
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -28,4 +28,6 @@ with lib;
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -1,10 +1,5 @@
|
||||||
# MIT Jörg Thalheim - https://github.com/Mic92/dotfiles/blob/c6cad4e57016945c4816c8ec6f0a94daaa0c3203/nixos/modules/upgrade-diff.nix
|
# MIT Jörg Thalheim - https://github.com/Mic92/dotfiles/blob/c6cad4e57016945c4816c8ec6f0a94daaa0c3203/nixos/modules/upgrade-diff.nix
|
||||||
{
|
{ config, lib, pkgs, ... }:
|
||||||
config,
|
|
||||||
lib,
|
|
||||||
pkgs,
|
|
||||||
...
|
|
||||||
}:
|
|
||||||
{
|
{
|
||||||
|
|
||||||
options.components.nixos.update-diff.enable = lib.mkOption {
|
options.components.nixos.update-diff.enable = lib.mkOption {
|
||||||
|
|
|
@ -1,9 +1,4 @@
|
||||||
{
|
{ pkgs, config, lib, ... }:
|
||||||
pkgs,
|
|
||||||
config,
|
|
||||||
lib,
|
|
||||||
...
|
|
||||||
}:
|
|
||||||
with lib;
|
with lib;
|
||||||
{
|
{
|
||||||
options.components.terminal.bash.enable = mkOption {
|
options.components.terminal.bash.enable = mkOption {
|
||||||
|
@ -21,6 +16,7 @@ with lib;
|
||||||
|
|
||||||
interactiveShellInit = "set -o vi";
|
interactiveShellInit = "set -o vi";
|
||||||
|
|
||||||
|
|
||||||
shellAliases = {
|
shellAliases = {
|
||||||
ls = "ls --color=tty";
|
ls = "ls --color=tty";
|
||||||
l = "ls -CFh";
|
l = "ls -CFh";
|
||||||
|
|
|
@ -1,9 +1,4 @@
|
||||||
{
|
{ config, pkgs, lib, ... }:
|
||||||
config,
|
|
||||||
pkgs,
|
|
||||||
lib,
|
|
||||||
...
|
|
||||||
}:
|
|
||||||
with lib;
|
with lib;
|
||||||
{
|
{
|
||||||
options.components.terminal = {
|
options.components.terminal = {
|
||||||
|
|
|
@ -1,9 +1,4 @@
|
||||||
{
|
{ pkgs, config, lib, ... }:
|
||||||
pkgs,
|
|
||||||
config,
|
|
||||||
lib,
|
|
||||||
...
|
|
||||||
}:
|
|
||||||
with lib;
|
with lib;
|
||||||
{
|
{
|
||||||
options.components.terminal.direnv.enable = mkOption {
|
options.components.terminal.direnv.enable = mkOption {
|
||||||
|
@ -17,10 +12,7 @@ with lib;
|
||||||
home-manager.sharedModules = [
|
home-manager.sharedModules = [
|
||||||
{
|
{
|
||||||
programs.direnv.enable = true;
|
programs.direnv.enable = true;
|
||||||
programs.git.ignores = [
|
programs.git.ignores = [ ".envrc" ".direnv" ];
|
||||||
".envrc"
|
|
||||||
".direnv"
|
|
||||||
];
|
|
||||||
}
|
}
|
||||||
];
|
];
|
||||||
|
|
||||||
|
|
|
@ -1,9 +1,4 @@
|
||||||
{
|
{ config, pkgs, lib, ... }:
|
||||||
config,
|
|
||||||
pkgs,
|
|
||||||
lib,
|
|
||||||
...
|
|
||||||
}:
|
|
||||||
with lib;
|
with lib;
|
||||||
{
|
{
|
||||||
options.components.terminal.git.enable = mkOption {
|
options.components.terminal.git.enable = mkOption {
|
||||||
|
@ -13,6 +8,7 @@ with lib;
|
||||||
|
|
||||||
config = mkIf (config.components.terminal.git.enable) {
|
config = mkIf (config.components.terminal.git.enable) {
|
||||||
|
|
||||||
|
|
||||||
environment.systemPackages = with pkgs; [
|
environment.systemPackages = with pkgs; [
|
||||||
git
|
git
|
||||||
gita
|
gita
|
||||||
|
@ -33,3 +29,4 @@ with lib;
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -1,9 +1,4 @@
|
||||||
{
|
{ config, lib, pkgs, ... }:
|
||||||
config,
|
|
||||||
lib,
|
|
||||||
pkgs,
|
|
||||||
...
|
|
||||||
}:
|
|
||||||
with lib;
|
with lib;
|
||||||
{
|
{
|
||||||
options.components.terminal.heygpt.enable = mkOption {
|
options.components.terminal.heygpt.enable = mkOption {
|
||||||
|
|
|
@ -1,9 +1,4 @@
|
||||||
{
|
{ pkgs, config, lib, ... }:
|
||||||
pkgs,
|
|
||||||
config,
|
|
||||||
lib,
|
|
||||||
...
|
|
||||||
}:
|
|
||||||
with lib;
|
with lib;
|
||||||
let
|
let
|
||||||
hoardSrc = pkgs.fetchFromGitHub {
|
hoardSrc = pkgs.fetchFromGitHub {
|
||||||
|
@ -36,26 +31,10 @@ in
|
||||||
config_home_path = "/home/palo/.config/hoard";
|
config_home_path = "/home/palo/.config/hoard";
|
||||||
trove_path = "/home/palo/.config/hoard/trove.yml";
|
trove_path = "/home/palo/.config/hoard/trove.yml";
|
||||||
query_prefix = " >";
|
query_prefix = " >";
|
||||||
primary_color = [
|
primary_color = [ 87 142 87 ];
|
||||||
87
|
secondary_color = [ 203 184 144 ];
|
||||||
142
|
tertiary_color = [ 30 30 30 ];
|
||||||
87
|
command_color = [ 30 30 30 ];
|
||||||
];
|
|
||||||
secondary_color = [
|
|
||||||
203
|
|
||||||
184
|
|
||||||
144
|
|
||||||
];
|
|
||||||
tertiary_color = [
|
|
||||||
30
|
|
||||||
30
|
|
||||||
30
|
|
||||||
];
|
|
||||||
command_color = [
|
|
||||||
30
|
|
||||||
30
|
|
||||||
30
|
|
||||||
];
|
|
||||||
parameter_token = "#";
|
parameter_token = "#";
|
||||||
read_from_current_directory = true;
|
read_from_current_directory = true;
|
||||||
};
|
};
|
||||||
|
|
|
@ -1,9 +1,4 @@
|
||||||
{
|
{ pkgs, config, lib, ... }:
|
||||||
pkgs,
|
|
||||||
config,
|
|
||||||
lib,
|
|
||||||
...
|
|
||||||
}:
|
|
||||||
with lib;
|
with lib;
|
||||||
{
|
{
|
||||||
options.components.terminal.remote-install.enable = mkOption {
|
options.components.terminal.remote-install.enable = mkOption {
|
||||||
|
@ -15,7 +10,7 @@ with lib;
|
||||||
services.tor = {
|
services.tor = {
|
||||||
enable = true;
|
enable = true;
|
||||||
client.enable = true;
|
client.enable = true;
|
||||||
relay.onionServices.liveos.map = [ { port = 1337; } ];
|
relay.onionServices.liveos.map = [{ port = 1337; }];
|
||||||
};
|
};
|
||||||
|
|
||||||
environment.systemPackages = [
|
environment.systemPackages = [
|
||||||
|
|
|
@ -1,9 +1,4 @@
|
||||||
{
|
{ pkgs, config, lib, ... }:
|
||||||
pkgs,
|
|
||||||
config,
|
|
||||||
lib,
|
|
||||||
...
|
|
||||||
}:
|
|
||||||
with lib;
|
with lib;
|
||||||
let
|
let
|
||||||
|
|
||||||
|
@ -59,29 +54,23 @@ let
|
||||||
echo
|
echo
|
||||||
'';
|
'';
|
||||||
|
|
||||||
userHighlight =
|
userHighlight = map ({ user, ... }: user)
|
||||||
map ({ user, ... }: user) (builtins.attrValues config.services.browser.configList)
|
(builtins.attrValues config.services.browser.configList)
|
||||||
++ [ "steam" ];
|
++ [ "steam" ];
|
||||||
|
|
||||||
activeUsers = pkgs.writers.writeBash "active-users" ''
|
activeUsers = pkgs.writers.writeBash "active-users" ''
|
||||||
${pkgs.procps}/bin/ps -eo user \
|
${pkgs.procps}/bin/ps -eo user \
|
||||||
| ${pkgs.gnused}/bin/sed '1 d' \
|
| ${pkgs.gnused}/bin/sed '1 d' \
|
||||||
| ${pkgs.coreutils}/bin/sort \
|
| ${pkgs.coreutils}/bin/sort \
|
||||||
| ${pkgs.coreutils}/bin/uniq \
|
| ${pkgs.coreutils}/bin/uniq \
|
||||||
| ${pkgs.gnugrep}/bin/egrep --color=always '(${pkgs.lib.concatStringsSep "|" userHighlight})|$'
|
| ${pkgs.gnugrep}/bin/egrep --color=always '(${
|
||||||
|
pkgs.lib.concatStringsSep "|" userHighlight
|
||||||
|
})|$'
|
||||||
'';
|
'';
|
||||||
|
|
||||||
# default settings
|
# default settings
|
||||||
wtfModule =
|
wtfModule =
|
||||||
args@{
|
args@{ height ? 1, width ? 1, top, left, enabled ? true, type, ... }:
|
||||||
height ? 1,
|
|
||||||
width ? 1,
|
|
||||||
top,
|
|
||||||
left,
|
|
||||||
enabled ? true,
|
|
||||||
type,
|
|
||||||
...
|
|
||||||
}:
|
|
||||||
{
|
{
|
||||||
enabled = enabled;
|
enabled = enabled;
|
||||||
focusable = false;
|
focusable = false;
|
||||||
|
@ -89,157 +78,107 @@ let
|
||||||
position.left = left;
|
position.left = left;
|
||||||
position.height = height;
|
position.height = height;
|
||||||
position.width = width;
|
position.width = width;
|
||||||
}
|
} // (lib.filterAttrs
|
||||||
// (lib.filterAttrs (
|
(key: _: lib.all (x: x != key) [ "height" "width" "top" "left" ])
|
||||||
key: _:
|
args);
|
||||||
lib.all (x: x != key) [
|
|
||||||
"height"
|
|
||||||
"width"
|
|
||||||
"top"
|
|
||||||
"left"
|
|
||||||
]
|
|
||||||
) args);
|
|
||||||
|
|
||||||
# command runner module
|
# command runner module
|
||||||
cmdRunner =
|
cmdRunner = args@{ cmd, ... }:
|
||||||
args@{ cmd, ... }:
|
wtfModule ({
|
||||||
wtfModule (
|
type = "cmdrunner";
|
||||||
{
|
focusable = false;
|
||||||
type = "cmdrunner";
|
refreshInterval = 300;
|
||||||
focusable = false;
|
} // args);
|
||||||
refreshInterval = 300;
|
|
||||||
}
|
|
||||||
// args
|
|
||||||
);
|
|
||||||
|
|
||||||
modules = {
|
modules = {
|
||||||
inherit cmdRunner;
|
inherit cmdRunner;
|
||||||
|
|
||||||
digitalclock =
|
digitalclock = args@{ top, left, ... }:
|
||||||
args@{ top, left, ... }:
|
cmdRunner ({
|
||||||
cmdRunner (
|
cmd = pkgs.writers.writeDash "clock" ''
|
||||||
{
|
${pkgs.toilet}/bin/toilet --font future `${pkgs.coreutils}/bin/date +"%a %H:%M"`
|
||||||
cmd = pkgs.writers.writeDash "clock" ''
|
${pkgs.coreutils}/bin/date +"%B %d %Y"
|
||||||
${pkgs.toilet}/bin/toilet --font future `${pkgs.coreutils}/bin/date +"%a %H:%M"`
|
'';
|
||||||
${pkgs.coreutils}/bin/date +"%B %d %Y"
|
title = "";
|
||||||
'';
|
refreshInterval = 30;
|
||||||
title = "";
|
} // args);
|
||||||
refreshInterval = 30;
|
|
||||||
}
|
|
||||||
// args
|
|
||||||
);
|
|
||||||
|
|
||||||
clocks =
|
clocks = args@{ top, left, ... }:
|
||||||
args@{ top, left, ... }:
|
wtfModule ({
|
||||||
wtfModule (
|
type = "clocks";
|
||||||
{
|
title = "";
|
||||||
type = "clocks";
|
border = false;
|
||||||
title = "";
|
colors.rows = {
|
||||||
border = false;
|
even = "white";
|
||||||
colors.rows = {
|
odd = "white";
|
||||||
even = "white";
|
};
|
||||||
odd = "white";
|
locations = {
|
||||||
};
|
UTC = "Etc/UTC";
|
||||||
locations = {
|
Berlin = "Europe/Berlin";
|
||||||
UTC = "Etc/UTC";
|
Thailand = "Asia/Bangkok";
|
||||||
Berlin = "Europe/Berlin";
|
#Cuba = "America/Havana";
|
||||||
Thailand = "Asia/Bangkok";
|
#Wellington = "Pacific/Auckland";
|
||||||
#Cuba = "America/Havana";
|
};
|
||||||
#Wellington = "Pacific/Auckland";
|
sort = "alphabetical";
|
||||||
};
|
refreshInterval = 60;
|
||||||
sort = "alphabetical";
|
} // args);
|
||||||
refreshInterval = 60;
|
|
||||||
}
|
|
||||||
// args
|
|
||||||
);
|
|
||||||
|
|
||||||
resourceusage =
|
resourceusage = args@{ top, left, ... }:
|
||||||
args@{ top, left, ... }:
|
wtfModule ({
|
||||||
wtfModule (
|
type = "resourceusage";
|
||||||
{
|
title = "";
|
||||||
type = "resourceusage";
|
cpuCombined = false;
|
||||||
title = "";
|
refreshInterval = 5;
|
||||||
cpuCombined = false;
|
} // args);
|
||||||
refreshInterval = 5;
|
|
||||||
}
|
|
||||||
// args
|
|
||||||
);
|
|
||||||
|
|
||||||
power =
|
power = args@{ top, left, ... }:
|
||||||
args@{ top, left, ... }:
|
wtfModule ({
|
||||||
wtfModule (
|
type = "power";
|
||||||
{
|
title = "";
|
||||||
type = "power";
|
refreshInterval = 100;
|
||||||
title = "";
|
} // args);
|
||||||
refreshInterval = 100;
|
|
||||||
}
|
|
||||||
// args
|
|
||||||
);
|
|
||||||
|
|
||||||
prettyweather =
|
prettyweather = args@{ top, left, ... }:
|
||||||
args@{ top, left, ... }:
|
wtfModule ({
|
||||||
wtfModule (
|
type = "prettyweather";
|
||||||
{
|
title = "";
|
||||||
type = "prettyweather";
|
city = "Essen";
|
||||||
title = "";
|
unit = "m";
|
||||||
city = "Essen";
|
view = 0;
|
||||||
unit = "m";
|
language = "en";
|
||||||
view = 0;
|
refreshInterval = 3600;
|
||||||
language = "en";
|
} // args);
|
||||||
refreshInterval = 3600;
|
|
||||||
}
|
|
||||||
// args
|
|
||||||
);
|
|
||||||
|
|
||||||
feedreader =
|
feedreader = args@{ top, left, feeds, ... }:
|
||||||
args@{
|
wtfModule ({
|
||||||
top,
|
type = "feedreader";
|
||||||
left,
|
title = "";
|
||||||
feeds,
|
refreshInterval = 3600;
|
||||||
...
|
focusable = true;
|
||||||
}:
|
#feedLimit = 10;
|
||||||
wtfModule (
|
colors.rows = {
|
||||||
{
|
even = "white";
|
||||||
type = "feedreader";
|
odd = "white";
|
||||||
title = "";
|
};
|
||||||
refreshInterval = 3600;
|
} // args);
|
||||||
focusable = true;
|
|
||||||
#feedLimit = 10;
|
|
||||||
colors.rows = {
|
|
||||||
even = "white";
|
|
||||||
odd = "white";
|
|
||||||
};
|
|
||||||
}
|
|
||||||
// args
|
|
||||||
);
|
|
||||||
|
|
||||||
github =
|
github = args@{ top, left, username, apiKey, ... }:
|
||||||
args@{
|
wtfModule ({
|
||||||
top,
|
type = "github";
|
||||||
left,
|
title = "";
|
||||||
username,
|
refreshInterval = 3600;
|
||||||
apiKey,
|
feedlimit = 10;
|
||||||
...
|
|
||||||
}:
|
|
||||||
wtfModule (
|
|
||||||
{
|
|
||||||
type = "github";
|
|
||||||
title = "";
|
|
||||||
refreshInterval = 3600;
|
|
||||||
feedlimit = 10;
|
|
||||||
|
|
||||||
enableStatus = true;
|
enableStatus = true;
|
||||||
# customQueries:
|
# customQueries:
|
||||||
# othersPRs:
|
# othersPRs:
|
||||||
# title: "Others Pull Requests"
|
# title: "Others Pull Requests"
|
||||||
# filter: "is:open is:pr -author:wtfutil"
|
# filter: "is:open is:pr -author:wtfutil"
|
||||||
# repositories:
|
# repositories:
|
||||||
# - "wtfutil/wtf"
|
# - "wtfutil/wtf"
|
||||||
# - "wtfutil/docs"
|
# - "wtfutil/docs"
|
||||||
# - "umbrella-corp/wesker-api"
|
# - "umbrella-corp/wesker-api"
|
||||||
}
|
} // args);
|
||||||
// args
|
|
||||||
);
|
|
||||||
|
|
||||||
};
|
};
|
||||||
|
|
||||||
|
@ -252,20 +191,8 @@ let
|
||||||
normal = "green";
|
normal = "green";
|
||||||
};
|
};
|
||||||
grid = {
|
grid = {
|
||||||
columns = [
|
columns = [ 28 0 0 ];
|
||||||
28
|
rows = [ 9 9 9 9 9 9 0 ];
|
||||||
0
|
|
||||||
0
|
|
||||||
];
|
|
||||||
rows = [
|
|
||||||
9
|
|
||||||
9
|
|
||||||
9
|
|
||||||
9
|
|
||||||
9
|
|
||||||
9
|
|
||||||
0
|
|
||||||
];
|
|
||||||
};
|
};
|
||||||
refreshInterval = 1;
|
refreshInterval = 1;
|
||||||
mods = with modules; {
|
mods = with modules; {
|
||||||
|
@ -300,7 +227,8 @@ let
|
||||||
top = 4;
|
top = 4;
|
||||||
left = 1;
|
left = 1;
|
||||||
height = 1;
|
height = 1;
|
||||||
feeds = [ "https://latesthackingnews.com/category/hacking-tools/feed/" ];
|
feeds =
|
||||||
|
[ "https://latesthackingnews.com/category/hacking-tools/feed/" ];
|
||||||
};
|
};
|
||||||
nixos = feedreader {
|
nixos = feedreader {
|
||||||
title = "NixOS Weekly";
|
title = "NixOS Weekly";
|
||||||
|
@ -337,20 +265,8 @@ let
|
||||||
normal = "green";
|
normal = "green";
|
||||||
};
|
};
|
||||||
grid = {
|
grid = {
|
||||||
columns = [
|
columns = [ 33 12 28 36 0 ];
|
||||||
33
|
rows = [ 9 4 6 6 0 ];
|
||||||
12
|
|
||||||
28
|
|
||||||
36
|
|
||||||
0
|
|
||||||
];
|
|
||||||
rows = [
|
|
||||||
9
|
|
||||||
4
|
|
||||||
6
|
|
||||||
6
|
|
||||||
0
|
|
||||||
];
|
|
||||||
};
|
};
|
||||||
refreshInterval = 1;
|
refreshInterval = 1;
|
||||||
mods = with modules; {
|
mods = with modules; {
|
||||||
|
@ -396,12 +312,7 @@ let
|
||||||
|
|
||||||
calendar = cmdRunner {
|
calendar = cmdRunner {
|
||||||
title = "";
|
title = "";
|
||||||
args = [
|
args = [ "-3" "--monday" "--color=never" "-w" ];
|
||||||
"-3"
|
|
||||||
"--monday"
|
|
||||||
"--color=never"
|
|
||||||
"-w"
|
|
||||||
];
|
|
||||||
cmd = "cal";
|
cmd = "cal";
|
||||||
top = 1;
|
top = 1;
|
||||||
left = 1;
|
left = 1;
|
||||||
|
@ -463,12 +374,9 @@ let
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
createDashboard =
|
createDashboard = { json, name }:
|
||||||
{ json, name }:
|
let configuration = pkgs.writeText "config.yml" (builtins.toJSON json);
|
||||||
let
|
in pkgs.writers.writeBashBin name ''
|
||||||
configuration = pkgs.writeText "config.yml" (builtins.toJSON json);
|
|
||||||
in
|
|
||||||
pkgs.writers.writeBashBin name ''
|
|
||||||
${pkgs.wtf}/bin/wtfutil --config=${toString configuration}
|
${pkgs.wtf}/bin/wtfutil --config=${toString configuration}
|
||||||
'';
|
'';
|
||||||
|
|
||||||
|
|
|
@ -1,9 +1,4 @@
|
||||||
{
|
{ pkgs, config, lib, ... }:
|
||||||
pkgs,
|
|
||||||
config,
|
|
||||||
lib,
|
|
||||||
...
|
|
||||||
}:
|
|
||||||
with lib;
|
with lib;
|
||||||
{
|
{
|
||||||
options.components.terminal.zsh.enable = mkOption {
|
options.components.terminal.zsh.enable = mkOption {
|
||||||
|
|
|
@ -1,9 +1,4 @@
|
||||||
{
|
{ config, lib, pkgs, ... }:
|
||||||
config,
|
|
||||||
lib,
|
|
||||||
pkgs,
|
|
||||||
...
|
|
||||||
}:
|
|
||||||
with lib;
|
with lib;
|
||||||
{
|
{
|
||||||
|
|
||||||
|
|
|
@ -1,9 +1,4 @@
|
||||||
{
|
{ config, lib, pkgs, ... }:
|
||||||
config,
|
|
||||||
lib,
|
|
||||||
pkgs,
|
|
||||||
...
|
|
||||||
}:
|
|
||||||
with lib;
|
with lib;
|
||||||
{
|
{
|
||||||
|
|
||||||
|
|
|
@ -1,9 +1,4 @@
|
||||||
{
|
{ config, lib, pkgs, ... }:
|
||||||
config,
|
|
||||||
lib,
|
|
||||||
pkgs,
|
|
||||||
...
|
|
||||||
}:
|
|
||||||
with lib;
|
with lib;
|
||||||
{
|
{
|
||||||
|
|
||||||
|
|
|
@ -1,9 +1,4 @@
|
||||||
{
|
{ config, lib, pkgs, ... }:
|
||||||
config,
|
|
||||||
lib,
|
|
||||||
pkgs,
|
|
||||||
...
|
|
||||||
}:
|
|
||||||
with lib;
|
with lib;
|
||||||
{
|
{
|
||||||
|
|
||||||
|
|
|
@ -1,12 +1,7 @@
|
||||||
# References:
|
# References:
|
||||||
# * https://github.com/drduh/YubiKey-Guide
|
# * https://github.com/drduh/YubiKey-Guide
|
||||||
# * https://nixos.wiki/wiki/Yubikey
|
# * https://nixos.wiki/wiki/Yubikey
|
||||||
{
|
{ config, pkgs, lib, ... }:
|
||||||
config,
|
|
||||||
pkgs,
|
|
||||||
lib,
|
|
||||||
...
|
|
||||||
}:
|
|
||||||
with lib;
|
with lib;
|
||||||
{
|
{
|
||||||
|
|
||||||
|
@ -21,6 +16,7 @@ with lib;
|
||||||
services.pcscd.enable = true;
|
services.pcscd.enable = true;
|
||||||
services.udev.packages = [ pkgs.yubikey-personalization ];
|
services.udev.packages = [ pkgs.yubikey-personalization ];
|
||||||
|
|
||||||
|
|
||||||
environment.systemPackages = [
|
environment.systemPackages = [
|
||||||
|
|
||||||
pkgs.yubikey-personalization
|
pkgs.yubikey-personalization
|
||||||
|
|
|
@ -1,11 +1,4 @@
|
||||||
{
|
{ config, lib, pkgs, factsGenerator, clanLib, ... }:
|
||||||
config,
|
|
||||||
lib,
|
|
||||||
pkgs,
|
|
||||||
factsGenerator,
|
|
||||||
clanLib,
|
|
||||||
...
|
|
||||||
}:
|
|
||||||
with lib;
|
with lib;
|
||||||
with types;
|
with types;
|
||||||
|
|
||||||
|
@ -18,7 +11,8 @@ with types;
|
||||||
kernelModules = mkOption {
|
kernelModules = mkOption {
|
||||||
type = listOf str;
|
type = listOf str;
|
||||||
default = [ ];
|
default = [ ];
|
||||||
description = "nix-shell -p pciutils --run 'lspci -v' will tell you which kernel module is used for the ethernet interface";
|
description =
|
||||||
|
"nix-shell -p pciutils --run 'lspci -v' will tell you which kernel module is used for the ethernet interface";
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
|
@ -48,3 +42,4 @@ with types;
|
||||||
};
|
};
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -1,11 +1,4 @@
|
||||||
{
|
{ config, lib, pkgs, factsGenerator, clanLib, ... }:
|
||||||
config,
|
|
||||||
lib,
|
|
||||||
pkgs,
|
|
||||||
factsGenerator,
|
|
||||||
clanLib,
|
|
||||||
...
|
|
||||||
}:
|
|
||||||
with lib;
|
with lib;
|
||||||
with types;
|
with types;
|
||||||
{
|
{
|
||||||
|
@ -23,13 +16,14 @@ with types;
|
||||||
name = "initrd";
|
name = "initrd";
|
||||||
addressPrefix = "init";
|
addressPrefix = "init";
|
||||||
};
|
};
|
||||||
boot.initrd.secrets = mapAttrs' (name: file: nameValuePair "/etc/tor/onion/bootup/${name}" file) (
|
boot.initrd.secrets =
|
||||||
genAttrs [
|
mapAttrs' (name: file: nameValuePair "/etc/tor/onion/bootup/${name}" file)
|
||||||
"hostname"
|
(genAttrs [
|
||||||
"hs_ed25519_public_key"
|
"hostname"
|
||||||
"hs_ed25519_secret_key"
|
"hs_ed25519_public_key"
|
||||||
] (secret: config.clan.core.facts.services."initrd.tor".secret."tor.initrd.${secret}".path)
|
"hs_ed25519_secret_key"
|
||||||
);
|
]
|
||||||
|
(secret: config.clan.core.facts.services."initrd.tor".secret."tor.initrd.${secret}".path));
|
||||||
|
|
||||||
boot.initrd.systemd.storePaths = [
|
boot.initrd.systemd.storePaths = [
|
||||||
pkgs.tor
|
pkgs.tor
|
||||||
|
@ -49,10 +43,7 @@ with types;
|
||||||
boot.initrd.systemd.services.tor = {
|
boot.initrd.systemd.services.tor = {
|
||||||
description = "tor during init";
|
description = "tor during init";
|
||||||
wantedBy = [ "initrd.target" ];
|
wantedBy = [ "initrd.target" ];
|
||||||
after = [
|
after = [ "network.target" "initrd-nixos-copy-secrets.service" ];
|
||||||
"network.target"
|
|
||||||
"initrd-nixos-copy-secrets.service"
|
|
||||||
];
|
|
||||||
before = [ "shutdown.target" ];
|
before = [ "shutdown.target" ];
|
||||||
conflicts = [ "shutdown.target" ];
|
conflicts = [ "shutdown.target" ];
|
||||||
|
|
||||||
|
@ -62,15 +53,17 @@ with types;
|
||||||
pkgs.iproute2
|
pkgs.iproute2
|
||||||
pkgs.coreutils
|
pkgs.coreutils
|
||||||
];
|
];
|
||||||
script = ''
|
script =
|
||||||
echo "tor: preparing onion folder"
|
''
|
||||||
# have to do this otherwise tor does not want to start
|
echo "tor: preparing onion folder"
|
||||||
chmod -R 700 /etc/tor
|
# have to do this otherwise tor does not want to start
|
||||||
|
chmod -R 700 /etc/tor
|
||||||
|
|
||||||
echo "tor: starting tor"
|
echo "tor: starting tor"
|
||||||
tor -f /etc/tor/tor.rc --verify-config
|
tor -f /etc/tor/tor.rc --verify-config
|
||||||
tor -f /etc/tor/tor.rc
|
tor -f /etc/tor/tor.rc
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -1,9 +1,4 @@
|
||||||
{
|
{ config, lib, pkgs, ... }:
|
||||||
config,
|
|
||||||
lib,
|
|
||||||
pkgs,
|
|
||||||
...
|
|
||||||
}:
|
|
||||||
with lib;
|
with lib;
|
||||||
{
|
{
|
||||||
options.features.network.fail2ban.enable = mkOption {
|
options.features.network.fail2ban.enable = mkOption {
|
||||||
|
|
|
@ -1,10 +1,4 @@
|
||||||
{
|
{ pkgs, config, lib, assets, ... }:
|
||||||
pkgs,
|
|
||||||
config,
|
|
||||||
lib,
|
|
||||||
assets,
|
|
||||||
...
|
|
||||||
}:
|
|
||||||
with lib;
|
with lib;
|
||||||
with types;
|
with types;
|
||||||
{
|
{
|
||||||
|
|
23
flake.lock
23
flake.lock
|
@ -843,8 +843,7 @@
|
||||||
"retiolum": "retiolum",
|
"retiolum": "retiolum",
|
||||||
"srvos": "srvos",
|
"srvos": "srvos",
|
||||||
"stylix": "stylix",
|
"stylix": "stylix",
|
||||||
"taskshell": "taskshell",
|
"taskshell": "taskshell"
|
||||||
"treefmt-nix": "treefmt-nix_3"
|
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"sops-nix": {
|
"sops-nix": {
|
||||||
|
@ -1030,26 +1029,6 @@
|
||||||
"repo": "treefmt-nix",
|
"repo": "treefmt-nix",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
}
|
}
|
||||||
},
|
|
||||||
"treefmt-nix_3": {
|
|
||||||
"inputs": {
|
|
||||||
"nixpkgs": [
|
|
||||||
"nixpkgs"
|
|
||||||
]
|
|
||||||
},
|
|
||||||
"locked": {
|
|
||||||
"lastModified": 1724833132,
|
|
||||||
"narHash": "sha256-F4djBvyNRAXGusJiNYInqR6zIMI3rvlp6WiKwsRISos=",
|
|
||||||
"owner": "numtide",
|
|
||||||
"repo": "treefmt-nix",
|
|
||||||
"rev": "3ffd842a5f50f435d3e603312eefa4790db46af5",
|
|
||||||
"type": "github"
|
|
||||||
},
|
|
||||||
"original": {
|
|
||||||
"owner": "numtide",
|
|
||||||
"repo": "treefmt-nix",
|
|
||||||
"type": "github"
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"root": "root",
|
"root": "root",
|
||||||
|
|
563
flake.nix
563
flake.nix
|
@ -58,11 +58,6 @@
|
||||||
|
|
||||||
srvos.url = "github:nix-community/srvos";
|
srvos.url = "github:nix-community/srvos";
|
||||||
|
|
||||||
treefmt-nix = {
|
|
||||||
url = "github:numtide/treefmt-nix";
|
|
||||||
inputs.nixpkgs.follows = "nixpkgs";
|
|
||||||
};
|
|
||||||
|
|
||||||
landingpage = {
|
landingpage = {
|
||||||
#url = "git+file:///home/palo/dev/landingpage";
|
#url = "git+file:///home/palo/dev/landingpage";
|
||||||
url = "github:mrVanDalo/landingpage";
|
url = "github:mrVanDalo/landingpage";
|
||||||
|
@ -96,30 +91,28 @@
|
||||||
};
|
};
|
||||||
|
|
||||||
outputs =
|
outputs =
|
||||||
inputs@{
|
inputs@{ self
|
||||||
self,
|
, clan-core
|
||||||
clan-core,
|
, clan-fact-generators
|
||||||
clan-fact-generators,
|
, flake-parts
|
||||||
flake-parts,
|
, home-manager
|
||||||
home-manager,
|
, home-manager-utils
|
||||||
home-manager-utils,
|
, kmonad
|
||||||
kmonad,
|
, landingpage
|
||||||
landingpage,
|
, nixos-anywhere
|
||||||
nixos-anywhere,
|
, nixos-hardware
|
||||||
nixos-hardware,
|
, nixpkgs
|
||||||
nixpkgs,
|
, nixpkgs-legacy_2211
|
||||||
nixpkgs-legacy_2211,
|
, nixpkgs-legacy_2311
|
||||||
nixpkgs-legacy_2311,
|
, nixpkgs-legacy_2405
|
||||||
nixpkgs-legacy_2405,
|
, nixpkgs-unstable-small
|
||||||
nixpkgs-unstable-small,
|
, permown
|
||||||
permown,
|
, polygon-art
|
||||||
polygon-art,
|
, private_assets
|
||||||
private_assets,
|
, retiolum
|
||||||
retiolum,
|
, srvos
|
||||||
srvos,
|
, stylix
|
||||||
stylix,
|
, taskshell
|
||||||
taskshell,
|
|
||||||
treefmt-nix,
|
|
||||||
}:
|
}:
|
||||||
|
|
||||||
let
|
let
|
||||||
|
@ -172,10 +165,7 @@
|
||||||
inherit inputs;
|
inherit inputs;
|
||||||
assets = ./assets;
|
assets = ./assets;
|
||||||
factsGenerator = clan-fact-generators.lib { inherit pkgs; };
|
factsGenerator = clan-fact-generators.lib { inherit pkgs; };
|
||||||
clanLib = import ./lib/clanlib.nix {
|
clanLib = import ./lib/clanlib.nix { inherit (pkgs) lib; machineDir = ./machines; };
|
||||||
inherit (pkgs) lib;
|
|
||||||
machineDir = ./machines;
|
|
||||||
};
|
|
||||||
zerotierDeviceName = "ztbn67ogn2";
|
zerotierDeviceName = "ztbn67ogn2";
|
||||||
components = ./components;
|
components = ./components;
|
||||||
features = ./features;
|
features = ./features;
|
||||||
|
@ -183,63 +173,57 @@
|
||||||
};
|
};
|
||||||
|
|
||||||
clanSetup =
|
clanSetup =
|
||||||
{
|
{ name
|
||||||
name,
|
, host
|
||||||
host,
|
, modules
|
||||||
modules,
|
}: {
|
||||||
}:
|
|
||||||
{
|
|
||||||
|
|
||||||
clan.core.networking.targetHost = lib.mkDefault "root@${host}";
|
clan.core.networking.targetHost = lib.mkDefault "root@${host}";
|
||||||
nixpkgs.pkgs = meta.pkgs;
|
nixpkgs.pkgs = meta.pkgs;
|
||||||
nixpkgs.hostPlatform = meta.system;
|
nixpkgs.hostPlatform = meta.system;
|
||||||
clan.core.facts.secretStore = "password-store";
|
clan.core.facts.secretStore = "password-store";
|
||||||
|
|
||||||
imports =
|
imports = modules ++ defaultModules ++ [
|
||||||
modules
|
./machines/${name}/configuration.nix
|
||||||
++ defaultModules
|
|
||||||
++ [
|
|
||||||
./machines/${name}/configuration.nix
|
|
||||||
];
|
|
||||||
};
|
|
||||||
|
|
||||||
zerotierControllerModule = {
|
|
||||||
clan.core.networking.zerotier.controller = {
|
|
||||||
enable = true;
|
|
||||||
public = false;
|
|
||||||
};
|
|
||||||
};
|
|
||||||
|
|
||||||
zerotierModules =
|
|
||||||
{ pkgs, ... }:
|
|
||||||
{
|
|
||||||
imports = [
|
|
||||||
|
|
||||||
# this magically adds all my machines in the zero tier network
|
|
||||||
# and makes the controller accept them.
|
|
||||||
# will automatic look into `/machines/<name>/facts/zerotier-ip
|
|
||||||
inputs.clan-core.clanModules.zerotier-static-peers
|
|
||||||
|
|
||||||
# Statically configure the host names of machines based on their respective zerotier-ip.
|
|
||||||
inputs.clan-core.clanModules.static-hosts
|
|
||||||
|
|
||||||
# generate ssh host keys with facts
|
|
||||||
inputs.clan-core.clanModules.sshd
|
|
||||||
|
|
||||||
# manual configs
|
|
||||||
{
|
|
||||||
clan.static-hosts.topLevelDomain = "bear";
|
|
||||||
components.network.zerotier.enable = true;
|
|
||||||
environment.systemPackages = [
|
|
||||||
clan-core.packages.${pkgs.system}.clan-cli
|
|
||||||
(pkgs.writers.writeBashBin "zerotier-script-nodeid" ''
|
|
||||||
sudo ${pkgs.zerotierone}/bin/zerotier-cli info | cut -d " " -f 3
|
|
||||||
'')
|
|
||||||
];
|
|
||||||
}
|
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
|
|
||||||
|
zerotierControllerModule =
|
||||||
|
{
|
||||||
|
clan.core.networking.zerotier.controller = {
|
||||||
|
enable = true;
|
||||||
|
public = false;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
zerotierModules = { pkgs, ... }: {
|
||||||
|
imports = [
|
||||||
|
|
||||||
|
# this magically adds all my machines in the zero tier network
|
||||||
|
# and makes the controller accept them.
|
||||||
|
# will automatic look into `/machines/<name>/facts/zerotier-ip
|
||||||
|
inputs.clan-core.clanModules.zerotier-static-peers
|
||||||
|
|
||||||
|
# Statically configure the host names of machines based on their respective zerotier-ip.
|
||||||
|
inputs.clan-core.clanModules.static-hosts
|
||||||
|
|
||||||
|
# generate ssh host keys with facts
|
||||||
|
inputs.clan-core.clanModules.sshd
|
||||||
|
|
||||||
|
# manual configs
|
||||||
|
{
|
||||||
|
clan.static-hosts.topLevelDomain = "bear";
|
||||||
|
components.network.zerotier.enable = true;
|
||||||
|
environment.systemPackages = [
|
||||||
|
clan-core.packages.${pkgs.system}.clan-cli
|
||||||
|
(pkgs.writers.writeBashBin "zerotier-script-nodeid" ''
|
||||||
|
sudo ${pkgs.zerotierone}/bin/zerotier-cli info | cut -d " " -f 3
|
||||||
|
'')
|
||||||
|
];
|
||||||
|
}
|
||||||
|
];
|
||||||
|
};
|
||||||
|
|
||||||
defaultModules = [
|
defaultModules = [
|
||||||
# make flake inputs accessiable in NixOS
|
# make flake inputs accessiable in NixOS
|
||||||
{
|
{
|
||||||
|
@ -247,18 +231,15 @@
|
||||||
_module.args.inputs = self.inputs;
|
_module.args.inputs = self.inputs;
|
||||||
}
|
}
|
||||||
# ssh keys
|
# ssh keys
|
||||||
(
|
({ config, ... }: {
|
||||||
{ config, ... }:
|
users.users.root.openssh.authorizedKeys.keyFiles = [
|
||||||
{
|
# master key
|
||||||
users.users.root.openssh.authorizedKeys.keyFiles = [
|
./assets/mrvandalo_rsa.pub
|
||||||
# master key
|
# backup key
|
||||||
./assets/mrvandalo_rsa.pub
|
"${config.clan.core.clanDir}/machines/chungus/facts/ssh.syncoid.id_ed25519.pub"
|
||||||
# backup key
|
"${config.clan.core.clanDir}/machines/chungus/facts/ssh.rbackup.id_ed25519.pub"
|
||||||
"${config.clan.core.clanDir}/machines/chungus/facts/ssh.syncoid.id_ed25519.pub"
|
];
|
||||||
"${config.clan.core.clanDir}/machines/chungus/facts/ssh.rbackup.id_ed25519.pub"
|
})
|
||||||
];
|
|
||||||
}
|
|
||||||
)
|
|
||||||
{
|
{
|
||||||
# disable emergency mode everywhere, although it might be needed on laptops
|
# disable emergency mode everywhere, although it might be needed on laptops
|
||||||
boot.initrd.systemd.emergencyAccess = false;
|
boot.initrd.systemd.emergencyAccess = false;
|
||||||
|
@ -269,20 +250,11 @@
|
||||||
systemd.enableEmergencyMode = false;
|
systemd.enableEmergencyMode = false;
|
||||||
}
|
}
|
||||||
# configure nix
|
# configure nix
|
||||||
(
|
({ pkgs, lib, clanLib, ... }:
|
||||||
{
|
|
||||||
pkgs,
|
|
||||||
lib,
|
|
||||||
clanLib,
|
|
||||||
...
|
|
||||||
}:
|
|
||||||
{
|
{
|
||||||
nix.settings.substituters = [ "http://cache.orbi.wg0" ];
|
nix.settings.substituters = [ "http://cache.orbi.wg0" ];
|
||||||
nix.settings.trusted-public-keys = [ (clanLib.readFact "nix-serve.pub" "orbi") ];
|
nix.settings.trusted-public-keys = [ (clanLib.readFact "nix-serve.pub" "orbi") ];
|
||||||
nix.settings.experimental-features = [
|
nix.settings.experimental-features = [ "nix-command" "flakes" ];
|
||||||
"nix-command"
|
|
||||||
"flakes"
|
|
||||||
];
|
|
||||||
nix.settings.max-jobs = 1;
|
nix.settings.max-jobs = 1;
|
||||||
# no channesl needed this way
|
# no channesl needed this way
|
||||||
nix.nixPath = [ "nixpkgs=${pkgs.path}" ];
|
nix.nixPath = [ "nixpkgs=${pkgs.path}" ];
|
||||||
|
@ -310,8 +282,7 @@
|
||||||
boot.loader.systemd-boot.configurationLimit = lib.mkDefault 10;
|
boot.loader.systemd-boot.configurationLimit = lib.mkDefault 10;
|
||||||
boot.loader.generic-extlinux-compatible.configurationLimit = lib.mkDefault 10;
|
boot.loader.generic-extlinux-compatible.configurationLimit = lib.mkDefault 10;
|
||||||
boot.loader.grub.configurationLimit = lib.mkDefault 10;
|
boot.loader.grub.configurationLimit = lib.mkDefault 10;
|
||||||
}
|
})
|
||||||
)
|
|
||||||
# My Structure
|
# My Structure
|
||||||
./components
|
./components
|
||||||
./features
|
./features
|
||||||
|
@ -322,222 +293,210 @@
|
||||||
permown.nixosModules.permown
|
permown.nixosModules.permown
|
||||||
kmonad.nixosModules.default
|
kmonad.nixosModules.default
|
||||||
# some default things I always want
|
# some default things I always want
|
||||||
(
|
({ pkgs, ... }: {
|
||||||
{ pkgs, ... }:
|
boot.tmp.useTmpfs = lib.mkDefault true;
|
||||||
{
|
environment.systemPackages = [
|
||||||
boot.tmp.useTmpfs = lib.mkDefault true;
|
pkgs.nixpkgs-fmt
|
||||||
environment.systemPackages = [
|
];
|
||||||
pkgs.nixpkgs-fmt
|
})
|
||||||
];
|
|
||||||
}
|
|
||||||
)
|
|
||||||
];
|
];
|
||||||
|
|
||||||
stylixModules =
|
stylixModules = { pkgs, config, ... }: {
|
||||||
{ pkgs, config, ... }:
|
imports = [ stylix.nixosModules.stylix ];
|
||||||
{
|
stylix.enable = true;
|
||||||
imports = [ stylix.nixosModules.stylix ];
|
stylix.base16Scheme = "${pkgs.base16-schemes}/share/themes/gruvbox-light-medium.yaml";
|
||||||
stylix.enable = true;
|
stylix.image = ./assets/wallpaper.png;
|
||||||
stylix.base16Scheme = "${pkgs.base16-schemes}/share/themes/gruvbox-light-medium.yaml";
|
stylix.fonts = {
|
||||||
stylix.image = ./assets/wallpaper.png;
|
serif = {
|
||||||
stylix.fonts = {
|
package = pkgs.nerdfonts.override { fonts = [ "Ubuntu" ]; };
|
||||||
serif = {
|
name = "Ubuntu";
|
||||||
package = pkgs.nerdfonts.override { fonts = [ "Ubuntu" ]; };
|
|
||||||
name = "Ubuntu";
|
|
||||||
};
|
|
||||||
sansSerif = {
|
|
||||||
package = pkgs.nerdfonts.override { fonts = [ "Ubuntu" ]; };
|
|
||||||
name = "Ubuntu";
|
|
||||||
};
|
|
||||||
monospace = {
|
|
||||||
package = pkgs.nerdfonts.override { fonts = [ "JetBrainsMono" ]; };
|
|
||||||
name = "JetBrains Mono";
|
|
||||||
};
|
|
||||||
emoji = {
|
|
||||||
package = pkgs.noto-fonts-emoji;
|
|
||||||
name = "Noto Color Emoji";
|
|
||||||
};
|
|
||||||
sizes.popups = 15;
|
|
||||||
};
|
};
|
||||||
|
sansSerif = {
|
||||||
|
package = pkgs.nerdfonts.override { fonts = [ "Ubuntu" ]; };
|
||||||
|
name = "Ubuntu";
|
||||||
|
};
|
||||||
|
monospace = {
|
||||||
|
package = pkgs.nerdfonts.override { fonts = [ "JetBrainsMono" ]; };
|
||||||
|
name = "JetBrains Mono";
|
||||||
|
};
|
||||||
|
emoji = {
|
||||||
|
package = pkgs.noto-fonts-emoji;
|
||||||
|
name = "Noto Color Emoji";
|
||||||
|
};
|
||||||
|
sizes.popups = 15;
|
||||||
};
|
};
|
||||||
|
};
|
||||||
|
|
||||||
homeManagerModules =
|
homeManagerModules = { pkgs, config, ... }: {
|
||||||
{ pkgs, config, ... }:
|
imports = [
|
||||||
{
|
home-manager.nixosModules.home-manager
|
||||||
imports = [
|
];
|
||||||
home-manager.nixosModules.home-manager
|
home-manager.extraSpecialArgs = {
|
||||||
];
|
#inherit private_assets;
|
||||||
home-manager.extraSpecialArgs = {
|
assets = ./assets;
|
||||||
#inherit private_assets;
|
|
||||||
assets = ./assets;
|
|
||||||
};
|
|
||||||
home-manager.useGlobalPkgs = true;
|
|
||||||
home-manager.useUserPackages = true;
|
|
||||||
home-manager.backupFileExtension = "backup";
|
|
||||||
home-manager.sharedModules = [
|
|
||||||
home-manager-utils.hmModule
|
|
||||||
];
|
|
||||||
};
|
};
|
||||||
|
home-manager.useGlobalPkgs = true;
|
||||||
|
home-manager.useUserPackages = true;
|
||||||
|
home-manager.backupFileExtension = "backup";
|
||||||
|
home-manager.sharedModules = [
|
||||||
|
home-manager-utils.hmModule
|
||||||
|
];
|
||||||
|
};
|
||||||
|
|
||||||
in
|
in
|
||||||
|
|
||||||
flake-parts.lib.mkFlake { inherit inputs; } (
|
flake-parts.lib.mkFlake { inherit inputs; } ({ self, pkgs, ... }: {
|
||||||
{ self, pkgs, ... }:
|
# We define our own systems below. you can still use this to add system specific outputs to your flake.
|
||||||
{
|
# See: https://flake.parts/getting-started
|
||||||
# We define our own systems below. you can still use this to add system specific outputs to your flake.
|
systems = [ "x86_64-linux" ];
|
||||||
# See: https://flake.parts/getting-started
|
|
||||||
systems = [ "x86_64-linux" ];
|
|
||||||
|
|
||||||
# import clan-core modules
|
# import clan-core modules
|
||||||
imports = [
|
imports = [
|
||||||
clan-core.flakeModules.default
|
clan-core.flakeModules.default
|
||||||
./nix/formatter.nix
|
];
|
||||||
];
|
|
||||||
|
|
||||||
perSystem =
|
perSystem = { pkgs, ... }: {
|
||||||
{ pkgs, ... }:
|
packages.pkl = pkgs.callPackage ./pkgs/pkl { };
|
||||||
{
|
};
|
||||||
packages.pkl = pkgs.callPackage ./pkgs/pkl { };
|
|
||||||
|
# Define your clan
|
||||||
|
clan = {
|
||||||
|
# Clan wide settings.
|
||||||
|
meta.name = "gummybears"; # Ensure to choose a unique name.
|
||||||
|
specialArgs = meta.specialArgs;
|
||||||
|
|
||||||
|
machines = {
|
||||||
|
|
||||||
|
cream = clanSetup {
|
||||||
|
name = "cream";
|
||||||
|
host = "cream.bear";
|
||||||
|
modules = [
|
||||||
|
zerotierModules
|
||||||
|
nixos-hardware.nixosModules.framework-12th-gen-intel
|
||||||
|
retiolum.nixosModules.retiolum
|
||||||
|
private_assets.nixosModules.cream
|
||||||
|
private_assets.nixosModules.yubikey
|
||||||
|
homeManagerModules
|
||||||
|
stylixModules
|
||||||
|
{ home-manager.users.mainUser.gui.enable = true; }
|
||||||
|
{
|
||||||
|
home-manager.users.mainUser = import ./homes/palo;
|
||||||
|
home-manager.users.root = import ./homes/root;
|
||||||
|
}
|
||||||
|
{
|
||||||
|
clan.core.machineDescription = "Laptop";
|
||||||
|
}
|
||||||
|
];
|
||||||
};
|
};
|
||||||
|
|
||||||
# Define your clan
|
cherry = clanSetup {
|
||||||
clan = {
|
name = "cherry";
|
||||||
# Clan wide settings.
|
host = "cherry.bear";
|
||||||
meta.name = "gummybears"; # Ensure to choose a unique name.
|
modules = [
|
||||||
specialArgs = meta.specialArgs;
|
zerotierModules
|
||||||
|
nixos-hardware.nixosModules.framework-13th-gen-intel
|
||||||
|
retiolum.nixosModules.retiolum
|
||||||
|
private_assets.nixosModules.yubikey
|
||||||
|
private_assets.nixosModules.cherry
|
||||||
|
homeManagerModules
|
||||||
|
stylixModules
|
||||||
|
{ home-manager.users.mainUser.gui.enable = true; }
|
||||||
|
{
|
||||||
|
home-manager.users.mainUser = import ./homes/palo;
|
||||||
|
home-manager.users.root = import ./homes/root;
|
||||||
|
}
|
||||||
|
{
|
||||||
|
clan.core.machineDescription = "Laptop";
|
||||||
|
}
|
||||||
|
];
|
||||||
|
};
|
||||||
|
|
||||||
machines = {
|
chungus = clanSetup {
|
||||||
|
name = "chungus";
|
||||||
|
host = "chungus.bear";
|
||||||
|
modules = [
|
||||||
|
zerotierModules
|
||||||
|
zerotierControllerModule
|
||||||
|
homeManagerModules
|
||||||
|
stylixModules
|
||||||
|
retiolum.nixosModules.retiolum
|
||||||
|
private_assets.nixosModules.chungus
|
||||||
|
{
|
||||||
|
home-manager.users.mainUser = import ./homes/palo;
|
||||||
|
home-manager.users.root = import ./homes/root;
|
||||||
|
}
|
||||||
|
{
|
||||||
|
clan.core.machineDescription = "Home Server";
|
||||||
|
}
|
||||||
|
];
|
||||||
|
};
|
||||||
|
|
||||||
cream = clanSetup {
|
orbi = clanSetup {
|
||||||
name = "cream";
|
name = "orbi";
|
||||||
host = "cream.bear";
|
host = "orbi.bear";
|
||||||
modules = [
|
#host = "95.216.66.212";
|
||||||
zerotierModules
|
modules = [
|
||||||
nixos-hardware.nixosModules.framework-12th-gen-intel
|
homeManagerModules
|
||||||
retiolum.nixosModules.retiolum
|
stylixModules
|
||||||
private_assets.nixosModules.cream
|
zerotierModules
|
||||||
private_assets.nixosModules.yubikey
|
srvos.nixosModules.hardware-hetzner-online-intel
|
||||||
homeManagerModules
|
#srvos.nixosModules.server
|
||||||
stylixModules
|
#srvos.nixosModules.mixins-terminfo
|
||||||
{ home-manager.users.mainUser.gui.enable = true; }
|
{
|
||||||
{
|
home-manager.users.mainUser = import ./homes/palo;
|
||||||
home-manager.users.mainUser = import ./homes/palo;
|
home-manager.users.root = import ./homes/root;
|
||||||
home-manager.users.root = import ./homes/root;
|
}
|
||||||
}
|
{
|
||||||
{
|
clan.core.machineDescription = "Internet Server";
|
||||||
clan.core.machineDescription = "Laptop";
|
}
|
||||||
}
|
];
|
||||||
];
|
};
|
||||||
};
|
|
||||||
|
|
||||||
cherry = clanSetup {
|
probe = clanSetup {
|
||||||
name = "cherry";
|
name = "probe";
|
||||||
host = "cherry.bear";
|
#host = "167.235.205.150";
|
||||||
modules = [
|
host = "95.217.18.54";
|
||||||
zerotierModules
|
modules = [
|
||||||
nixos-hardware.nixosModules.framework-13th-gen-intel
|
homeManagerModules
|
||||||
retiolum.nixosModules.retiolum
|
stylixModules
|
||||||
private_assets.nixosModules.yubikey
|
srvos.nixosModules.hardware-hetzner-cloud
|
||||||
private_assets.nixosModules.cherry
|
srvos.nixosModules.server
|
||||||
homeManagerModules
|
srvos.nixosModules.mixins-terminfo
|
||||||
stylixModules
|
#inputs.clan-core.clanModules.sshd
|
||||||
{ home-manager.users.mainUser.gui.enable = true; }
|
{
|
||||||
{
|
home-manager.users.mainUser = import ./homes/palo;
|
||||||
home-manager.users.mainUser = import ./homes/palo;
|
home-manager.users.root = import ./homes/root;
|
||||||
home-manager.users.root = import ./homes/root;
|
}
|
||||||
}
|
{
|
||||||
{
|
clan.core.machineDescription = "Dummy Internet Server";
|
||||||
clan.core.machineDescription = "Laptop";
|
}
|
||||||
}
|
];
|
||||||
];
|
};
|
||||||
};
|
|
||||||
|
|
||||||
chungus = clanSetup {
|
|
||||||
name = "chungus";
|
|
||||||
host = "chungus.bear";
|
|
||||||
modules = [
|
|
||||||
zerotierModules
|
|
||||||
zerotierControllerModule
|
|
||||||
homeManagerModules
|
|
||||||
stylixModules
|
|
||||||
retiolum.nixosModules.retiolum
|
|
||||||
private_assets.nixosModules.chungus
|
|
||||||
{
|
|
||||||
home-manager.users.mainUser = import ./homes/palo;
|
|
||||||
home-manager.users.root = import ./homes/root;
|
|
||||||
}
|
|
||||||
{
|
|
||||||
clan.core.machineDescription = "Home Server";
|
|
||||||
}
|
|
||||||
];
|
|
||||||
};
|
|
||||||
|
|
||||||
orbi = clanSetup {
|
|
||||||
name = "orbi";
|
|
||||||
host = "orbi.bear";
|
|
||||||
#host = "95.216.66.212";
|
|
||||||
modules = [
|
|
||||||
homeManagerModules
|
|
||||||
stylixModules
|
|
||||||
zerotierModules
|
|
||||||
srvos.nixosModules.hardware-hetzner-online-intel
|
|
||||||
#srvos.nixosModules.server
|
|
||||||
#srvos.nixosModules.mixins-terminfo
|
|
||||||
{
|
|
||||||
home-manager.users.mainUser = import ./homes/palo;
|
|
||||||
home-manager.users.root = import ./homes/root;
|
|
||||||
}
|
|
||||||
{
|
|
||||||
clan.core.machineDescription = "Internet Server";
|
|
||||||
}
|
|
||||||
];
|
|
||||||
};
|
|
||||||
|
|
||||||
probe = clanSetup {
|
|
||||||
name = "probe";
|
|
||||||
#host = "167.235.205.150";
|
|
||||||
host = "95.217.18.54";
|
|
||||||
modules = [
|
|
||||||
homeManagerModules
|
|
||||||
stylixModules
|
|
||||||
srvos.nixosModules.hardware-hetzner-cloud
|
|
||||||
srvos.nixosModules.server
|
|
||||||
srvos.nixosModules.mixins-terminfo
|
|
||||||
#inputs.clan-core.clanModules.sshd
|
|
||||||
{
|
|
||||||
home-manager.users.mainUser = import ./homes/palo;
|
|
||||||
home-manager.users.root = import ./homes/root;
|
|
||||||
}
|
|
||||||
{
|
|
||||||
clan.core.machineDescription = "Dummy Internet Server";
|
|
||||||
}
|
|
||||||
];
|
|
||||||
};
|
|
||||||
|
|
||||||
usbstick = clanSetup {
|
|
||||||
name = "usbstick";
|
|
||||||
#host = "usbstick.bear";
|
|
||||||
host = "10.100.0.100";
|
|
||||||
modules = [
|
|
||||||
homeManagerModules
|
|
||||||
stylixModules
|
|
||||||
zerotierModules
|
|
||||||
{ home-manager.users.mainUser.gui.enable = true; }
|
|
||||||
{
|
|
||||||
home-manager.users.mainUser = import ./homes/palo;
|
|
||||||
home-manager.users.root = import ./homes/root;
|
|
||||||
}
|
|
||||||
{
|
|
||||||
clan.core.machineDescription = "USB-Stick for Backup";
|
|
||||||
}
|
|
||||||
];
|
|
||||||
};
|
|
||||||
|
|
||||||
|
usbstick = clanSetup {
|
||||||
|
name = "usbstick";
|
||||||
|
#host = "usbstick.bear";
|
||||||
|
host = "10.100.0.100";
|
||||||
|
modules = [
|
||||||
|
homeManagerModules
|
||||||
|
stylixModules
|
||||||
|
zerotierModules
|
||||||
|
{ home-manager.users.mainUser.gui.enable = true; }
|
||||||
|
{
|
||||||
|
home-manager.users.mainUser = import ./homes/palo;
|
||||||
|
home-manager.users.root = import ./homes/root;
|
||||||
|
}
|
||||||
|
{
|
||||||
|
clan.core.machineDescription = "USB-Stick for Backup";
|
||||||
|
}
|
||||||
|
];
|
||||||
};
|
};
|
||||||
|
|
||||||
};
|
};
|
||||||
|
|
||||||
}
|
};
|
||||||
);
|
|
||||||
|
});
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -1,9 +1,4 @@
|
||||||
{
|
{ pkgs, config, lib, ... }:
|
||||||
pkgs,
|
|
||||||
config,
|
|
||||||
lib,
|
|
||||||
...
|
|
||||||
}:
|
|
||||||
with lib;
|
with lib;
|
||||||
{
|
{
|
||||||
programs.oh-my-posh = {
|
programs.oh-my-posh = {
|
||||||
|
|
|
@ -86,9 +86,7 @@
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"background": "#427B58",
|
"background": "#427B58",
|
||||||
"background_templates": [
|
"background_templates": ["{{ if gt .Code 0 }}#9D0006{{ end }}"],
|
||||||
"{{ if gt .Code 0 }}#9D0006{{ end }}"
|
|
||||||
],
|
|
||||||
"foreground": "#EBDBB2",
|
"foreground": "#EBDBB2",
|
||||||
"leading_diamond": "<transparent,background>\ue0b0</>",
|
"leading_diamond": "<transparent,background>\ue0b0</>",
|
||||||
"properties": {
|
"properties": {
|
||||||
|
|
|
@ -13,13 +13,9 @@
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"background": "#fbf1c7",
|
"background": "#fbf1c7",
|
||||||
"background_templates": [
|
"background_templates": ["{{ if .Root }}#af3a03{{ end }}"],
|
||||||
"{{ if .Root }}#af3a03{{ end }}"
|
|
||||||
],
|
|
||||||
"foreground": "#282828",
|
"foreground": "#282828",
|
||||||
"foreground_templates": [
|
"foreground_templates": ["{{ if .Root }}#fbf1c7{{ end }}"],
|
||||||
"{{ if .Root }}#fbf1c7{{ end }}"
|
|
||||||
],
|
|
||||||
"powerline_symbol": "\ue0b0",
|
"powerline_symbol": "\ue0b0",
|
||||||
"style": "powerline",
|
"style": "powerline",
|
||||||
"template": " {{ if .SSHSession }} {{ end }}{{ .HostName }} ",
|
"template": " {{ if .SSHSession }} {{ end }}{{ .HostName }} ",
|
||||||
|
|
|
@ -1,9 +1,4 @@
|
||||||
{
|
{ config, pkgs, lib, ... }:
|
||||||
config,
|
|
||||||
pkgs,
|
|
||||||
lib,
|
|
||||||
...
|
|
||||||
}:
|
|
||||||
with pkgs;
|
with pkgs;
|
||||||
with lib;
|
with lib;
|
||||||
{
|
{
|
||||||
|
@ -46,6 +41,7 @@ with lib;
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
(mkIf config.gui.enable {
|
(mkIf config.gui.enable {
|
||||||
home.packages = [
|
home.packages = [
|
||||||
libreoffice
|
libreoffice
|
||||||
|
|
|
@ -1,9 +1,4 @@
|
||||||
{
|
{ lib, pkgs, assets, ... }:
|
||||||
lib,
|
|
||||||
pkgs,
|
|
||||||
assets,
|
|
||||||
...
|
|
||||||
}:
|
|
||||||
{
|
{
|
||||||
|
|
||||||
programs.zsh = {
|
programs.zsh = {
|
||||||
|
|
|
@ -1,9 +1,4 @@
|
||||||
{
|
{ config, pkgs, lib, ... }:
|
||||||
config,
|
|
||||||
pkgs,
|
|
||||||
lib,
|
|
||||||
...
|
|
||||||
}:
|
|
||||||
with pkgs;
|
with pkgs;
|
||||||
with lib;
|
with lib;
|
||||||
{
|
{
|
||||||
|
|
|
@ -1,5 +1,4 @@
|
||||||
{ pkgs, ... }:
|
{ pkgs, ... }: {
|
||||||
{
|
|
||||||
|
|
||||||
imports = [
|
imports = [
|
||||||
../common
|
../common
|
||||||
|
|
|
@ -1,9 +1,4 @@
|
||||||
{
|
{ config, pkgs, lib, ... }:
|
||||||
config,
|
|
||||||
pkgs,
|
|
||||||
lib,
|
|
||||||
...
|
|
||||||
}:
|
|
||||||
with lib;
|
with lib;
|
||||||
{
|
{
|
||||||
config = mkMerge [
|
config = mkMerge [
|
||||||
|
|
|
@ -10,15 +10,7 @@ with pkgs;
|
||||||
key = "42AC51C9482D0834CF488AF1389EC2D64AC71EAC";
|
key = "42AC51C9482D0834CF488AF1389EC2D64AC71EAC";
|
||||||
signByDefault = true;
|
signByDefault = true;
|
||||||
};
|
};
|
||||||
ignores = [
|
ignores = [ "*.swp" "*~" ".idea" ".*penis.*" "result" ".envrc" ".direnv" ];
|
||||||
"*.swp"
|
|
||||||
"*~"
|
|
||||||
".idea"
|
|
||||||
".*penis.*"
|
|
||||||
"result"
|
|
||||||
".envrc"
|
|
||||||
".direnv"
|
|
||||||
];
|
|
||||||
extraConfig = {
|
extraConfig = {
|
||||||
init.defaultBranch = "main";
|
init.defaultBranch = "main";
|
||||||
pull.ff = "only";
|
pull.ff = "only";
|
||||||
|
@ -27,6 +19,7 @@ with pkgs;
|
||||||
difftastic.enable = true;
|
difftastic.enable = true;
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
||||||
home.packages = [
|
home.packages = [
|
||||||
pre-commit
|
pre-commit
|
||||||
gita
|
gita
|
||||||
|
|
|
@ -12,7 +12,8 @@
|
||||||
keyserver = "keyserver.ubuntu.com";
|
keyserver = "keyserver.ubuntu.com";
|
||||||
personal-digest-preferences = "SHA512";
|
personal-digest-preferences = "SHA512";
|
||||||
cert-digest-algo = "SHA512";
|
cert-digest-algo = "SHA512";
|
||||||
default-preference-list = "SHA512 SHA384 SHA256 SHA224 AES256 AES192 AES CAST5 ZLIB BZIP2 ZIP Uncompressed";
|
default-preference-list =
|
||||||
|
"SHA512 SHA384 SHA256 SHA224 AES256 AES192 AES CAST5 ZLIB BZIP2 ZIP Uncompressed";
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
|
@ -1,9 +1,4 @@
|
||||||
{
|
{ pkgs, lib, config, ... }:
|
||||||
pkgs,
|
|
||||||
lib,
|
|
||||||
config,
|
|
||||||
...
|
|
||||||
}:
|
|
||||||
with lib;
|
with lib;
|
||||||
{
|
{
|
||||||
|
|
||||||
|
|
|
@ -1,9 +1,4 @@
|
||||||
{
|
{ lib, pkgs, config, ... }:
|
||||||
lib,
|
|
||||||
pkgs,
|
|
||||||
config,
|
|
||||||
...
|
|
||||||
}:
|
|
||||||
with lib;
|
with lib;
|
||||||
{
|
{
|
||||||
|
|
||||||
|
@ -36,5 +31,6 @@ with lib;
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -158,3 +158,4 @@
|
||||||
'';
|
'';
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -1,20 +1,8 @@
|
||||||
{
|
{ config, lib, pkgs, osConfig, ... }:
|
||||||
config,
|
|
||||||
lib,
|
|
||||||
pkgs,
|
|
||||||
osConfig,
|
|
||||||
...
|
|
||||||
}:
|
|
||||||
with lib;
|
with lib;
|
||||||
let
|
let
|
||||||
|
|
||||||
rofi = pkgs.rofi.override {
|
rofi = pkgs.rofi.override { plugins = [ pkgs.rofi-emoji pkgs.rofi-calc pkgs.xdotool ]; };
|
||||||
plugins = [
|
|
||||||
pkgs.rofi-emoji
|
|
||||||
pkgs.rofi-calc
|
|
||||||
pkgs.xdotool
|
|
||||||
];
|
|
||||||
};
|
|
||||||
|
|
||||||
backgroundCommand = pkgs.writers.writeDash "background" ''
|
backgroundCommand = pkgs.writers.writeDash "background" ''
|
||||||
${pkgs.xorg.xrandr}/bin/xrandr | grep " connected" | grep "primary" | \
|
${pkgs.xorg.xrandr}/bin/xrandr | grep " connected" | grep "primary" | \
|
||||||
|
@ -152,25 +140,21 @@ in
|
||||||
focus = {
|
focus = {
|
||||||
followMouse = true;
|
followMouse = true;
|
||||||
};
|
};
|
||||||
colors.focused = with config.lib.stylix.colors.withHashtag; {
|
colors.focused =
|
||||||
# stylix color overrides
|
with config.lib.stylix.colors.withHashtag;
|
||||||
border = lib.mkForce base08;
|
|
||||||
background = lib.mkForce base0A;
|
|
||||||
text = lib.mkForce base00;
|
|
||||||
};
|
|
||||||
startup = [
|
|
||||||
#{ command = "${pkgs.jellyfin-mpv-shim}/bin/jellyfin-mpv-shim"; always = false; }
|
|
||||||
{
|
{
|
||||||
command = "${pkgs.networkmanagerapplet}/bin/nm-applet --indicator";
|
# stylix color overrides
|
||||||
always = true;
|
border = lib.mkForce base08;
|
||||||
}
|
background = lib.mkForce base0A;
|
||||||
{
|
text = lib.mkForce base00;
|
||||||
command = toString backgroundCommand;
|
};
|
||||||
always = true;
|
startup =
|
||||||
}
|
[
|
||||||
{
|
#{ command = "${pkgs.jellyfin-mpv-shim}/bin/jellyfin-mpv-shim"; always = false; }
|
||||||
command = toString (
|
{ command = "${pkgs.networkmanagerapplet}/bin/nm-applet --indicator"; always = true; }
|
||||||
pkgs.writers.writeDash "xsettings" ''
|
{ command = toString backgroundCommand; always = true; }
|
||||||
|
{
|
||||||
|
command = toString (pkgs.writers.writeDash "xsettings" ''
|
||||||
# to allow sudo commands to access X
|
# to allow sudo commands to access X
|
||||||
${pkgs.xorg.xhost}/bin/xhost +
|
${pkgs.xorg.xhost}/bin/xhost +
|
||||||
# no shitty pcspkr crap
|
# no shitty pcspkr crap
|
||||||
|
@ -178,15 +162,13 @@ in
|
||||||
# no sleeping monitor
|
# no sleeping monitor
|
||||||
${pkgs.xorg.xset}/bin/xset -dpms
|
${pkgs.xorg.xset}/bin/xset -dpms
|
||||||
${pkgs.xorg.xset}/bin/xset s off
|
${pkgs.xorg.xset}/bin/xset s off
|
||||||
''
|
'');
|
||||||
);
|
always = true;
|
||||||
always = true;
|
}
|
||||||
}
|
];
|
||||||
];
|
|
||||||
bars = [
|
bars = [
|
||||||
(
|
(config.lib.stylix.i3.bar //
|
||||||
config.lib.stylix.i3.bar
|
{
|
||||||
// {
|
|
||||||
#mode = "hide";
|
#mode = "hide";
|
||||||
hiddenState = "hide";
|
hiddenState = "hide";
|
||||||
position = "top";
|
position = "top";
|
||||||
|
|
|
@ -1,9 +1,4 @@
|
||||||
{
|
{ pkgs, lib, config, ... }:
|
||||||
pkgs,
|
|
||||||
lib,
|
|
||||||
config,
|
|
||||||
...
|
|
||||||
}:
|
|
||||||
with pkgs;
|
with pkgs;
|
||||||
with lib;
|
with lib;
|
||||||
{
|
{
|
||||||
|
@ -34,18 +29,15 @@ with lib;
|
||||||
jetbrains.pycharm-professional
|
jetbrains.pycharm-professional
|
||||||
|
|
||||||
# planing
|
# planing
|
||||||
(
|
((ganttproject-bin.override {
|
||||||
(ganttproject-bin.override {
|
jre = pkgs.openjdk11;
|
||||||
jre = pkgs.openjdk11;
|
}).overrideAttrs (old: {
|
||||||
}).overrideAttrs
|
version = "3.1.3100";
|
||||||
(old: {
|
src = pkgs.fetchzip {
|
||||||
version = "3.1.3100";
|
url = "https://dl.ganttproject.biz/ganttproject-3.1.3100/ganttproject-3.1.3100.zip";
|
||||||
src = pkgs.fetchzip {
|
sha256 = "sha256-hw2paak0P670/kemiuqYHIaN0uUtkVKy+AX2X7OdnJ4=";
|
||||||
url = "https://dl.ganttproject.biz/ganttproject-3.1.3100/ganttproject-3.1.3100.zip";
|
};
|
||||||
sha256 = "sha256-hw2paak0P670/kemiuqYHIaN0uUtkVKy+AX2X7OdnJ4=";
|
}))
|
||||||
};
|
|
||||||
})
|
|
||||||
)
|
|
||||||
|
|
||||||
# Pkl
|
# Pkl
|
||||||
# ---
|
# ---
|
||||||
|
@ -109,8 +101,7 @@ with lib;
|
||||||
{
|
{
|
||||||
home.packages =
|
home.packages =
|
||||||
let
|
let
|
||||||
pandocScript =
|
pandocScript = { inputFormat, outputFormat }:
|
||||||
{ inputFormat, outputFormat }:
|
|
||||||
pkgs.writers.writeDashBin "pandoc-from-${inputFormat}-to-${outputFormat}" ''
|
pkgs.writers.writeDashBin "pandoc-from-${inputFormat}-to-${outputFormat}" ''
|
||||||
${pkgs.pandoc}/bin/pandoc \
|
${pkgs.pandoc}/bin/pandoc \
|
||||||
--from ${inputFormat} \
|
--from ${inputFormat} \
|
||||||
|
@ -144,26 +135,10 @@ with lib;
|
||||||
${pkgs.less}/bin/less
|
${pkgs.less}/bin/less
|
||||||
'')
|
'')
|
||||||
|
|
||||||
]
|
] ++ (map pandocScript (lib.cartesianProduct {
|
||||||
++ (map pandocScript (
|
inputFormat = [ "man" "markdown" "mediawiki" "asciidoc" ];
|
||||||
lib.cartesianProduct {
|
outputFormat = [ "mediawiki" "docbook5" "html5" "man" "jira" "markdown" "asciidoc" ];
|
||||||
inputFormat = [
|
}));
|
||||||
"man"
|
|
||||||
"markdown"
|
|
||||||
"mediawiki"
|
|
||||||
"asciidoc"
|
|
||||||
];
|
|
||||||
outputFormat = [
|
|
||||||
"mediawiki"
|
|
||||||
"docbook5"
|
|
||||||
"html5"
|
|
||||||
"man"
|
|
||||||
"jira"
|
|
||||||
"markdown"
|
|
||||||
"asciidoc"
|
|
||||||
];
|
|
||||||
}
|
|
||||||
));
|
|
||||||
|
|
||||||
}
|
}
|
||||||
];
|
];
|
||||||
|
|
|
@ -1,9 +1,4 @@
|
||||||
{
|
{ config, lib, pkgs, ... }:
|
||||||
config,
|
|
||||||
lib,
|
|
||||||
pkgs,
|
|
||||||
...
|
|
||||||
}:
|
|
||||||
with pkgs;
|
with pkgs;
|
||||||
with lib;
|
with lib;
|
||||||
{
|
{
|
||||||
|
|
|
@ -1,9 +1,4 @@
|
||||||
{
|
{ config, lib, pkgs, ... }:
|
||||||
config,
|
|
||||||
lib,
|
|
||||||
pkgs,
|
|
||||||
...
|
|
||||||
}:
|
|
||||||
with pkgs;
|
with pkgs;
|
||||||
with lib;
|
with lib;
|
||||||
{
|
{
|
||||||
|
|
|
@ -1,9 +1,4 @@
|
||||||
{
|
{ pkgs, lib, config, ... }:
|
||||||
pkgs,
|
|
||||||
lib,
|
|
||||||
config,
|
|
||||||
...
|
|
||||||
}:
|
|
||||||
with pkgs;
|
with pkgs;
|
||||||
with lib;
|
with lib;
|
||||||
{
|
{
|
||||||
|
|
|
@ -1,16 +1,10 @@
|
||||||
{
|
{ config, lib, pkgs, ... }:
|
||||||
config,
|
|
||||||
lib,
|
|
||||||
pkgs,
|
|
||||||
...
|
|
||||||
}:
|
|
||||||
with pkgs;
|
with pkgs;
|
||||||
with lib;
|
with lib;
|
||||||
let
|
let
|
||||||
nextcloud-client = pkgs.legacy_2311.nextcloud-client;
|
nextcloud-client = pkgs.legacy_2311.nextcloud-client;
|
||||||
|
|
||||||
nextcloudSync =
|
nextcloudSync = folder:
|
||||||
folder:
|
|
||||||
let
|
let
|
||||||
password = "$( ${pkgs.pass}/bin/pass show home/nextcloud/palo/nextcloudcmd-token )";
|
password = "$( ${pkgs.pass}/bin/pass show home/nextcloud/palo/nextcloudcmd-token )";
|
||||||
user = "palo";
|
user = "palo";
|
||||||
|
@ -22,18 +16,19 @@ let
|
||||||
"https://${user}:${password}@nextcloud.ingolf-wagner.de"
|
"https://${user}:${password}@nextcloud.ingolf-wagner.de"
|
||||||
'';
|
'';
|
||||||
|
|
||||||
borrow = pkgs.writers.writeDashBin "borrow" ''
|
borrow = pkgs.writers.writeDashBin "borrow"
|
||||||
${getExe hledger-ui} \
|
''
|
||||||
--all \
|
${getExe hledger-ui} \
|
||||||
--theme=terminal \
|
--all \
|
||||||
--file ~/Nextcloud/Unterlagen/.hledger-borrow "$@"
|
--theme=terminal \
|
||||||
|
--file ~/Nextcloud/Unterlagen/.hledger-borrow "$@"
|
||||||
|
|
||||||
${getExe gum} confirm \
|
${getExe gum} confirm \
|
||||||
--affirmative="update" \
|
--affirmative="update" \
|
||||||
--negative="skip" \
|
--negative="skip" \
|
||||||
--default=false \
|
--default=false \
|
||||||
"Syncronize with Nextcloud?" && ${getExe (nextcloudSync "Unterlagen")}
|
"Syncronize with Nextcloud?" && ${getExe(nextcloudSync "Unterlagen")}
|
||||||
'';
|
'';
|
||||||
in
|
in
|
||||||
{
|
{
|
||||||
|
|
||||||
|
|
|
@ -1,9 +1,4 @@
|
||||||
{
|
{ config, lib, pkgs, ... }:
|
||||||
config,
|
|
||||||
lib,
|
|
||||||
pkgs,
|
|
||||||
...
|
|
||||||
}:
|
|
||||||
with pkgs;
|
with pkgs;
|
||||||
with lib;
|
with lib;
|
||||||
{
|
{
|
||||||
|
@ -13,6 +8,7 @@ with lib;
|
||||||
# ¯\_(ツ)_/¯
|
# ¯\_(ツ)_/¯
|
||||||
home.packages = [
|
home.packages = [
|
||||||
|
|
||||||
|
|
||||||
nixos-shell
|
nixos-shell
|
||||||
|
|
||||||
# bluetooth gui
|
# bluetooth gui
|
||||||
|
|
|
@ -1,9 +1,4 @@
|
||||||
{
|
{ config, lib, pkgs, ... }:
|
||||||
config,
|
|
||||||
lib,
|
|
||||||
pkgs,
|
|
||||||
...
|
|
||||||
}:
|
|
||||||
with pkgs;
|
with pkgs;
|
||||||
with lib;
|
with lib;
|
||||||
{
|
{
|
||||||
|
|
|
@ -1,9 +1,4 @@
|
||||||
{
|
{ pkgs, lib, config, ... }:
|
||||||
pkgs,
|
|
||||||
lib,
|
|
||||||
config,
|
|
||||||
...
|
|
||||||
}:
|
|
||||||
{
|
{
|
||||||
|
|
||||||
home.packages = [ pkgs.sshuttle ];
|
home.packages = [ pkgs.sshuttle ];
|
||||||
|
|
|
@ -1,47 +1,29 @@
|
||||||
{
|
{ config, pkgs, lib, ... }:
|
||||||
config,
|
|
||||||
pkgs,
|
|
||||||
lib,
|
|
||||||
...
|
|
||||||
}:
|
|
||||||
with lib;
|
with lib;
|
||||||
with types;
|
with types;
|
||||||
let
|
let
|
||||||
mkMagicMergeOption =
|
mkMagicMergeOption = { description ? "", example ? { }, default ? { }, apply ? id, ... }:
|
||||||
{
|
|
||||||
description ? "",
|
|
||||||
example ? { },
|
|
||||||
default ? { },
|
|
||||||
apply ? id,
|
|
||||||
...
|
|
||||||
}:
|
|
||||||
mkOption {
|
mkOption {
|
||||||
inherit
|
inherit example description default apply;
|
||||||
example
|
type = with lib.types;
|
||||||
description
|
|
||||||
default
|
|
||||||
apply
|
|
||||||
;
|
|
||||||
type =
|
|
||||||
with lib.types;
|
|
||||||
let
|
let
|
||||||
valueType =
|
valueType = nullOr
|
||||||
nullOr (oneOf [
|
(oneOf [
|
||||||
bool
|
bool
|
||||||
int
|
int
|
||||||
float
|
float
|
||||||
str
|
str
|
||||||
(attrsOf valueType)
|
(attrsOf valueType)
|
||||||
(listOf valueType)
|
(listOf valueType)
|
||||||
])
|
]) // {
|
||||||
// {
|
description = "bool, int, float or str";
|
||||||
description = "bool, int, float or str";
|
emptyValue.value = { };
|
||||||
emptyValue.value = { };
|
};
|
||||||
};
|
|
||||||
in
|
in
|
||||||
valueType;
|
valueType;
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
||||||
taskwarrior-tui = pkgs.legacy_2311.taskwarrior-tui;
|
taskwarrior-tui = pkgs.legacy_2311.taskwarrior-tui;
|
||||||
|
|
||||||
in
|
in
|
||||||
|
@ -49,72 +31,69 @@ in
|
||||||
{
|
{
|
||||||
|
|
||||||
# bugwarrior (a bit fiddly)
|
# bugwarrior (a bit fiddly)
|
||||||
imports = [
|
imports = [{
|
||||||
{
|
|
||||||
|
|
||||||
options.bugwarrior.config = mkMagicMergeOption {
|
options.bugwarrior.config = mkMagicMergeOption {
|
||||||
type = attrs;
|
type = attrs;
|
||||||
default = { };
|
default = { };
|
||||||
};
|
};
|
||||||
|
|
||||||
config = {
|
config = {
|
||||||
home.file.".config/bugwarrior/bugwarrior.toml".source =
|
home.file.".config/bugwarrior/bugwarrior.toml".source = (pkgs.formats.toml { }).generate "bugwarriorrc.toml" config.bugwarrior.config;
|
||||||
(pkgs.formats.toml { }).generate "bugwarriorrc.toml"
|
# todo : before deleting this, put it in logseq
|
||||||
config.bugwarrior.config;
|
|
||||||
# todo : before deleting this, put it in logseq
|
|
||||||
|
|
||||||
home.packages = [
|
home.packages = [
|
||||||
(pkgs.legacy_2311.python3Packages.bugwarrior.overrideAttrs (old: {
|
(pkgs.legacy_2311.python3Packages.bugwarrior.overrideAttrs (old: {
|
||||||
version = "develop";
|
version = "develop";
|
||||||
src = pkgs.fetchFromGitHub {
|
src = pkgs.fetchFromGitHub {
|
||||||
owner = "ralphbean";
|
owner = "ralphbean";
|
||||||
repo = "bugwarrior";
|
repo = "bugwarrior";
|
||||||
rev = "6554e70c199cc766a2b5e4e4fe22e4e46d64bba1";
|
rev = "6554e70c199cc766a2b5e4e4fe22e4e46d64bba1";
|
||||||
sha256 = "sha256-cKhL8FBH7wxCxXrybVRLfCHQTCxursFqtBDl3e1UUXs=";
|
sha256 = "sha256-cKhL8FBH7wxCxXrybVRLfCHQTCxursFqtBDl3e1UUXs=";
|
||||||
};
|
};
|
||||||
propagatedBuildInputs = old.propagatedBuildInputs ++ [
|
propagatedBuildInputs = old.propagatedBuildInputs ++ [
|
||||||
pkgs.legacy_2311.python3Packages.pydantic
|
pkgs.legacy_2311.python3Packages.pydantic
|
||||||
pkgs.legacy_2311.python3Packages.tomli
|
pkgs.legacy_2311.python3Packages.tomli
|
||||||
pkgs.legacy_2311.python3Packages.email-validator
|
pkgs.legacy_2311.python3Packages.email-validator
|
||||||
pkgs.legacy_2311.python3Packages.packaging
|
pkgs.legacy_2311.python3Packages.packaging
|
||||||
];
|
];
|
||||||
}))
|
}))
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
|
|
||||||
}
|
}];
|
||||||
];
|
|
||||||
|
|
||||||
config = mkIf config.gui.enable {
|
config = mkIf config.gui.enable {
|
||||||
|
|
||||||
home.packages = with pkgs; [
|
home.packages = with pkgs;
|
||||||
|
[
|
||||||
|
|
||||||
taskwarrior
|
taskwarrior
|
||||||
taskwarrior-tui
|
taskwarrior-tui
|
||||||
|
|
||||||
timewarrior
|
timewarrior
|
||||||
tasksh
|
tasksh
|
||||||
taskwarrior-hooks
|
taskwarrior-hooks
|
||||||
(pkgs.writeShellScriptBin "tsak" ''${pkgs.taskwarrior}/bin/task "$@"'')
|
(pkgs.writeShellScriptBin "tsak" ''${pkgs.taskwarrior}/bin/task "$@"'')
|
||||||
|
|
||||||
vit
|
vit
|
||||||
(pkgs.writers.writeBashBin "active" "${taskwarrior-tui}/bin/taskwarrior-tui -r active")
|
(pkgs.writers.writeBashBin "active" "${taskwarrior-tui}/bin/taskwarrior-tui -r active")
|
||||||
(pkgs.writers.writeBashBin "todo" "${taskwarrior-tui}/bin/taskwarrior-tui -r todo")
|
(pkgs.writers.writeBashBin "todo" "${taskwarrior-tui}/bin/taskwarrior-tui -r todo")
|
||||||
|
|
||||||
(pkgs.writers.writeBashBin "calendar" ''
|
(pkgs.writers.writeBashBin "calendar" ''
|
||||||
${pkgs.taskwarrior}/bin/task calendar
|
${pkgs.taskwarrior}/bin/task calendar
|
||||||
${pkgs.taskwarrior}/bin/task calendar_report
|
${pkgs.taskwarrior}/bin/task calendar_report
|
||||||
'')
|
'')
|
||||||
|
|
||||||
# todo : belongs to calendar.nix
|
# todo : belongs to calendar.nix
|
||||||
vdirsyncer
|
vdirsyncer
|
||||||
khal
|
khal
|
||||||
(pkgs.writers.writeBashBin "kalendar" ''
|
(pkgs.writers.writeBashBin "kalendar" ''
|
||||||
${pkgs.vdirsyncer}/bin/vdirsyncer sync
|
${pkgs.vdirsyncer}/bin/vdirsyncer sync
|
||||||
${pkgs.khal}/bin/ikhal
|
${pkgs.khal}/bin/ikhal
|
||||||
'')
|
'')
|
||||||
|
|
||||||
];
|
];
|
||||||
|
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
|
@ -1,9 +1,4 @@
|
||||||
{
|
{ config, lib, pkgs, ... }:
|
||||||
config,
|
|
||||||
lib,
|
|
||||||
pkgs,
|
|
||||||
...
|
|
||||||
}:
|
|
||||||
with pkgs;
|
with pkgs;
|
||||||
with lib;
|
with lib;
|
||||||
{
|
{
|
||||||
|
@ -11,17 +6,13 @@ with lib;
|
||||||
home.packages = [
|
home.packages = [
|
||||||
logseq
|
logseq
|
||||||
];
|
];
|
||||||
home.file.".config/Logseq/Preferences".source =
|
home.file.".config/Logseq/Preferences".source = (pkgs.formats.json { }).generate "LogseqPreferences.json"
|
||||||
(pkgs.formats.json { }).generate "LogseqPreferences.json"
|
{
|
||||||
{
|
spellcheck = {
|
||||||
spellcheck = {
|
dictionaries = [ "en-US" "de-DE" ];
|
||||||
dictionaries = [
|
dictionary = "";
|
||||||
"en-US"
|
|
||||||
"de-DE"
|
|
||||||
];
|
|
||||||
dictionary = "";
|
|
||||||
};
|
|
||||||
};
|
};
|
||||||
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,9 +1,4 @@
|
||||||
{
|
{ config, lib, pkgs, ... }:
|
||||||
config,
|
|
||||||
lib,
|
|
||||||
pkgs,
|
|
||||||
...
|
|
||||||
}:
|
|
||||||
with pkgs;
|
with pkgs;
|
||||||
with lib;
|
with lib;
|
||||||
{
|
{
|
||||||
|
@ -30,7 +25,10 @@ with lib;
|
||||||
pdfarranger
|
pdfarranger
|
||||||
calibre
|
calibre
|
||||||
|
|
||||||
|
|
||||||
];
|
];
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,16 +1,11 @@
|
||||||
{
|
{
|
||||||
# cat ~/.ssh/id_rsa.pub
|
# cat ~/.ssh/id_rsa.pub
|
||||||
publicSshKey ? "",
|
publicSshKey ? ""
|
||||||
# remote-install-get-hiddenReceiver
|
, # remote-install-get-hiddenReceiver
|
||||||
hiddenReceiver ? "",
|
hiddenReceiver ? ""
|
||||||
|
,
|
||||||
}:
|
}:
|
||||||
{
|
{ config, lib, pkgs, ... }: {
|
||||||
config,
|
|
||||||
lib,
|
|
||||||
pkgs,
|
|
||||||
...
|
|
||||||
}:
|
|
||||||
{
|
|
||||||
|
|
||||||
imports = [
|
imports = [
|
||||||
{
|
{
|
||||||
|
@ -18,9 +13,7 @@
|
||||||
networking.hostName = "liveos";
|
networking.hostName = "liveos";
|
||||||
|
|
||||||
users.extraUsers = {
|
users.extraUsers = {
|
||||||
root = {
|
root = { openssh.authorizedKeys.keys = [ publicSshKey ]; };
|
||||||
openssh.authorizedKeys.keys = [ publicSshKey ];
|
|
||||||
};
|
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
{
|
{
|
||||||
|
@ -111,20 +104,15 @@
|
||||||
client.enable = true;
|
client.enable = true;
|
||||||
relay.onionServices.hidden-ssh = {
|
relay.onionServices.hidden-ssh = {
|
||||||
version = 3;
|
version = 3;
|
||||||
map = [
|
map = [{
|
||||||
{
|
port = 22;
|
||||||
port = 22;
|
target.port = 22;
|
||||||
target.port = 22;
|
}];
|
||||||
}
|
|
||||||
];
|
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
systemd.services.hidden-ssh-announce = {
|
systemd.services.hidden-ssh-announce = {
|
||||||
description = "irc announce hidden ssh";
|
description = "irc announce hidden ssh";
|
||||||
after = [
|
after = [ "tor.service" "network-online.target" ];
|
||||||
"tor.service"
|
|
||||||
"network-online.target"
|
|
||||||
];
|
|
||||||
wants = [ "tor.service" ];
|
wants = [ "tor.service" ];
|
||||||
wantedBy = [ "multi-user.target" ];
|
wantedBy = [ "multi-user.target" ];
|
||||||
serviceConfig = {
|
serviceConfig = {
|
||||||
|
|
|
@ -1,19 +1,15 @@
|
||||||
{
|
{ config, lib, pkgs, ... }:
|
||||||
config,
|
|
||||||
lib,
|
|
||||||
pkgs,
|
|
||||||
...
|
|
||||||
}:
|
|
||||||
|
|
||||||
{
|
{
|
||||||
|
|
||||||
imports = [
|
imports =
|
||||||
# Include the results of the hardware scan.
|
[
|
||||||
./hardware-configuration.nix
|
# Include the results of the hardware scan.
|
||||||
|
./hardware-configuration.nix
|
||||||
|
|
||||||
"${builtins.fetchTarball "https://github.com/nix-community/disko/archive/master.tar.gz"}/module.nix"
|
"${builtins.fetchTarball "https://github.com/nix-community/disko/archive/master.tar.gz"}/module.nix"
|
||||||
(import ./disko-config.nix { })
|
(import ./disko-config.nix { })
|
||||||
];
|
];
|
||||||
|
|
||||||
networking.hostName = "nixos";
|
networking.hostName = "nixos";
|
||||||
|
|
||||||
|
@ -46,9 +42,7 @@
|
||||||
|
|
||||||
services.openssh.enable = true;
|
services.openssh.enable = true;
|
||||||
|
|
||||||
users.users.root.openssh.authorizedKeys.keys = [
|
users.users.root.openssh.authorizedKeys.keys = [ "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC6uza62+Go9sBFs3XZE2OkugBv9PJ7Yv8ebCskE5WYPcahMZIKkQw+zkGI8EGzOPJhQEv2xk+XBf2VOzj0Fto4nh8X5+Llb1nM+YxQPk1SVlwbNAlhh24L1w2vKtBtMy277MF4EP+caGceYP6gki5+DzlPUSdFSAEFFWgN1WPkiyUii15Xi3QuCMR8F18dbwVUYbT11vwNhdiAXWphrQG+yPguALBGR+21JM6fffOln3BhoDUp2poVc5Qe2EBuUbRUV3/fOU4HwWVKZ7KCFvLZBSVFutXCj5HuNWJ5T3RuuxJSmY5lYuFZx9gD+n+DAEJt30iXWcaJlmUqQB5awcB1S2d9pJ141V4vjiCMKUJHIdspFrI23rFNYD9k2ZXDA8VOnQE33BzmgF9xOVh6qr4G0oEpsNqJoKybVTUeSyl4+ifzdQANouvySgLJV/pcqaxX1srSDIUlcM2vDMWAs3ryCa0aAlmAVZIHgRhh6wa+IXW8gIYt+5biPWUuihJ4zGBEwkyVXXf2xsecMWCAGPWPDL0/fBfY9krNfC5M2sqxey2ShFIq+R/wMdaI7yVjUCF2QIUNiIdFbJL6bDrDyHnEXJJN+rAo23jUoTZZRv7Jq3DB/A5H7a73VCcblZyUmwMSlpg3wos7pdw5Ctta3zQPoxoAKGS1uZ+yTeZbPMmdbw== contact@ingolf-wagner.de" ];
|
||||||
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC6uza62+Go9sBFs3XZE2OkugBv9PJ7Yv8ebCskE5WYPcahMZIKkQw+zkGI8EGzOPJhQEv2xk+XBf2VOzj0Fto4nh8X5+Llb1nM+YxQPk1SVlwbNAlhh24L1w2vKtBtMy277MF4EP+caGceYP6gki5+DzlPUSdFSAEFFWgN1WPkiyUii15Xi3QuCMR8F18dbwVUYbT11vwNhdiAXWphrQG+yPguALBGR+21JM6fffOln3BhoDUp2poVc5Qe2EBuUbRUV3/fOU4HwWVKZ7KCFvLZBSVFutXCj5HuNWJ5T3RuuxJSmY5lYuFZx9gD+n+DAEJt30iXWcaJlmUqQB5awcB1S2d9pJ141V4vjiCMKUJHIdspFrI23rFNYD9k2ZXDA8VOnQE33BzmgF9xOVh6qr4G0oEpsNqJoKybVTUeSyl4+ifzdQANouvySgLJV/pcqaxX1srSDIUlcM2vDMWAs3ryCa0aAlmAVZIHgRhh6wa+IXW8gIYt+5biPWUuihJ4zGBEwkyVXXf2xsecMWCAGPWPDL0/fBfY9krNfC5M2sqxey2ShFIq+R/wMdaI7yVjUCF2QIUNiIdFbJL6bDrDyHnEXJJN+rAo23jUoTZZRv7Jq3DB/A5H7a73VCcblZyUmwMSlpg3wos7pdw5Ctta3zQPoxoAKGS1uZ+yTeZbPMmdbw== contact@ingolf-wagner.de"
|
|
||||||
];
|
|
||||||
|
|
||||||
# This value determines the NixOS release from which the default
|
# This value determines the NixOS release from which the default
|
||||||
# settings for stateful data, like file locations and database versions
|
# settings for stateful data, like file locations and database versions
|
||||||
|
@ -58,4 +52,5 @@
|
||||||
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
|
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
|
||||||
system.stateVersion = "22.11"; # Did you read the comment?
|
system.stateVersion = "22.11"; # Did you read the comment?
|
||||||
|
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -4,7 +4,8 @@ let
|
||||||
remote-access = import ../lib/remote-access.nix {
|
remote-access = import ../lib/remote-access.nix {
|
||||||
|
|
||||||
# cat ~/.ssh/id_rsa.pub
|
# cat ~/.ssh/id_rsa.pub
|
||||||
publicSshKey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC6uza62+Go9sBFs3XZE2OkugBv9PJ7Yv8ebCskE5WYPcahMZIKkQw+zkGI8EGzOPJhQEv2xk+XBf2VOzj0Fto4nh8X5+Llb1nM+YxQPk1SVlwbNAlhh24L1w2vKtBtMy277MF4EP+caGceYP6gki5+DzlPUSdFSAEFFWgN1WPkiyUii15Xi3QuCMR8F18dbwVUYbT11vwNhdiAXWphrQG+yPguALBGR+21JM6fffOln3BhoDUp2poVc5Qe2EBuUbRUV3/fOU4HwWVKZ7KCFvLZBSVFutXCj5HuNWJ5T3RuuxJSmY5lYuFZx9gD+n+DAEJt30iXWcaJlmUqQB5awcB1S2d9pJ141V4vjiCMKUJHIdspFrI23rFNYD9k2ZXDA8VOnQE33BzmgF9xOVh6qr4G0oEpsNqJoKybVTUeSyl4+ifzdQANouvySgLJV/pcqaxX1srSDIUlcM2vDMWAs3ryCa0aAlmAVZIHgRhh6wa+IXW8gIYt+5biPWUuihJ4zGBEwkyVXXf2xsecMWCAGPWPDL0/fBfY9krNfC5M2sqxey2ShFIq+R/wMdaI7yVjUCF2QIUNiIdFbJL6bDrDyHnEXJJN+rAo23jUoTZZRv7Jq3DB/A5H7a73VCcblZyUmwMSlpg3wos7pdw5Ctta3zQPoxoAKGS1uZ+yTeZbPMmdbw==";
|
publicSshKey =
|
||||||
|
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC6uza62+Go9sBFs3XZE2OkugBv9PJ7Yv8ebCskE5WYPcahMZIKkQw+zkGI8EGzOPJhQEv2xk+XBf2VOzj0Fto4nh8X5+Llb1nM+YxQPk1SVlwbNAlhh24L1w2vKtBtMy277MF4EP+caGceYP6gki5+DzlPUSdFSAEFFWgN1WPkiyUii15Xi3QuCMR8F18dbwVUYbT11vwNhdiAXWphrQG+yPguALBGR+21JM6fffOln3BhoDUp2poVc5Qe2EBuUbRUV3/fOU4HwWVKZ7KCFvLZBSVFutXCj5HuNWJ5T3RuuxJSmY5lYuFZx9gD+n+DAEJt30iXWcaJlmUqQB5awcB1S2d9pJ141V4vjiCMKUJHIdspFrI23rFNYD9k2ZXDA8VOnQE33BzmgF9xOVh6qr4G0oEpsNqJoKybVTUeSyl4+ifzdQANouvySgLJV/pcqaxX1srSDIUlcM2vDMWAs3ryCa0aAlmAVZIHgRhh6wa+IXW8gIYt+5biPWUuihJ4zGBEwkyVXXf2xsecMWCAGPWPDL0/fBfY9krNfC5M2sqxey2ShFIq+R/wMdaI7yVjUCF2QIUNiIdFbJL6bDrDyHnEXJJN+rAo23jUoTZZRv7Jq3DB/A5H7a73VCcblZyUmwMSlpg3wos7pdw5Ctta3zQPoxoAKGS1uZ+yTeZbPMmdbw==";
|
||||||
|
|
||||||
# remote-install-get-hiddenReceiver
|
# remote-install-get-hiddenReceiver
|
||||||
hiddenReceiver = "";
|
hiddenReceiver = "";
|
||||||
|
|
|
@ -3,7 +3,7 @@
|
||||||
services.tor = {
|
services.tor = {
|
||||||
enable = true;
|
enable = true;
|
||||||
client.enable = true;
|
client.enable = true;
|
||||||
relay.onionServices.liveos.map = [ { port = 1337; } ];
|
relay.onionServices.liveos.map = [{ port = 1337; }];
|
||||||
};
|
};
|
||||||
|
|
||||||
environment.systemPackages = [
|
environment.systemPackages = [
|
||||||
|
|
|
@ -1,22 +1,10 @@
|
||||||
{
|
{ pkgs, lib, config, ... }: {
|
||||||
pkgs,
|
users.users.mainUser.extraGroups = [ "audio" "pipewire" ];
|
||||||
lib,
|
|
||||||
config,
|
|
||||||
...
|
|
||||||
}:
|
|
||||||
{
|
|
||||||
users.users.mainUser.extraGroups = [
|
|
||||||
"audio"
|
|
||||||
"pipewire"
|
|
||||||
];
|
|
||||||
|
|
||||||
hardware.pulseaudio = {
|
hardware.pulseaudio = {
|
||||||
enable = true;
|
enable = true;
|
||||||
package = pkgs.pulseaudioFull;
|
package = pkgs.pulseaudioFull;
|
||||||
};
|
};
|
||||||
|
|
||||||
environment.systemPackages = with pkgs; [
|
environment.systemPackages = with pkgs; [ alsaUtils pavucontrol ];
|
||||||
alsaUtils
|
|
||||||
pavucontrol
|
|
||||||
];
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,15 +1,6 @@
|
||||||
{
|
{ pkgs, lib, config, ... }: {
|
||||||
pkgs,
|
|
||||||
lib,
|
|
||||||
config,
|
|
||||||
...
|
|
||||||
}:
|
|
||||||
{
|
|
||||||
|
|
||||||
imports = [
|
imports = [ ./x11.nix ./audio.nix ];
|
||||||
./x11.nix
|
|
||||||
./audio.nix
|
|
||||||
];
|
|
||||||
|
|
||||||
#networking.networkmanager.enable = true;
|
#networking.networkmanager.enable = true;
|
||||||
#networking.wireless.enable = false;
|
#networking.wireless.enable = false;
|
||||||
|
|
|
@ -1,10 +1,4 @@
|
||||||
{
|
{ pkgs, config, lib, ... }: {
|
||||||
pkgs,
|
|
||||||
config,
|
|
||||||
lib,
|
|
||||||
...
|
|
||||||
}:
|
|
||||||
{
|
|
||||||
|
|
||||||
services.xserver = {
|
services.xserver = {
|
||||||
enable = true;
|
enable = true;
|
||||||
|
@ -50,11 +44,6 @@
|
||||||
|
|
||||||
# Packages
|
# Packages
|
||||||
# --------
|
# --------
|
||||||
environment.systemPackages = with pkgs; [
|
environment.systemPackages = with pkgs; [ flameshot pavucontrol mumble vlc ];
|
||||||
flameshot
|
|
||||||
pavucontrol
|
|
||||||
mumble
|
|
||||||
vlc
|
|
||||||
];
|
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,19 +1,17 @@
|
||||||
{
|
{ config, lib, pkgs, ... }:
|
||||||
config,
|
|
||||||
lib,
|
|
||||||
pkgs,
|
|
||||||
...
|
|
||||||
}:
|
|
||||||
|
|
||||||
{
|
{
|
||||||
|
|
||||||
imports = [
|
|
||||||
# Include the results of the hardware scan.
|
imports =
|
||||||
./hardware-configuration.nix
|
[
|
||||||
];
|
# Include the results of the hardware scan.
|
||||||
|
./hardware-configuration.nix
|
||||||
|
];
|
||||||
|
|
||||||
networking.hostName = "nixos";
|
networking.hostName = "nixos";
|
||||||
|
|
||||||
|
|
||||||
# grub configuraton
|
# grub configuraton
|
||||||
# -----------------
|
# -----------------
|
||||||
boot.loader.grub.enable = true;
|
boot.loader.grub.enable = true;
|
||||||
|
@ -43,9 +41,7 @@
|
||||||
|
|
||||||
services.openssh.enable = true;
|
services.openssh.enable = true;
|
||||||
|
|
||||||
users.users.root.openssh.authorizedKeys.keys = [
|
users.users.root.openssh.authorizedKeys.keys = [ "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC6uza62+Go9sBFs3XZE2OkugBv9PJ7Yv8ebCskE5WYPcahMZIKkQw+zkGI8EGzOPJhQEv2xk+XBf2VOzj0Fto4nh8X5+Llb1nM+YxQPk1SVlwbNAlhh24L1w2vKtBtMy277MF4EP+caGceYP6gki5+DzlPUSdFSAEFFWgN1WPkiyUii15Xi3QuCMR8F18dbwVUYbT11vwNhdiAXWphrQG+yPguALBGR+21JM6fffOln3BhoDUp2poVc5Qe2EBuUbRUV3/fOU4HwWVKZ7KCFvLZBSVFutXCj5HuNWJ5T3RuuxJSmY5lYuFZx9gD+n+DAEJt30iXWcaJlmUqQB5awcB1S2d9pJ141V4vjiCMKUJHIdspFrI23rFNYD9k2ZXDA8VOnQE33BzmgF9xOVh6qr4G0oEpsNqJoKybVTUeSyl4+ifzdQANouvySgLJV/pcqaxX1srSDIUlcM2vDMWAs3ryCa0aAlmAVZIHgRhh6wa+IXW8gIYt+5biPWUuihJ4zGBEwkyVXXf2xsecMWCAGPWPDL0/fBfY9krNfC5M2sqxey2ShFIq+R/wMdaI7yVjUCF2QIUNiIdFbJL6bDrDyHnEXJJN+rAo23jUoTZZRv7Jq3DB/A5H7a73VCcblZyUmwMSlpg3wos7pdw5Ctta3zQPoxoAKGS1uZ+yTeZbPMmdbw== contact@ingolf-wagner.de" ];
|
||||||
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC6uza62+Go9sBFs3XZE2OkugBv9PJ7Yv8ebCskE5WYPcahMZIKkQw+zkGI8EGzOPJhQEv2xk+XBf2VOzj0Fto4nh8X5+Llb1nM+YxQPk1SVlwbNAlhh24L1w2vKtBtMy277MF4EP+caGceYP6gki5+DzlPUSdFSAEFFWgN1WPkiyUii15Xi3QuCMR8F18dbwVUYbT11vwNhdiAXWphrQG+yPguALBGR+21JM6fffOln3BhoDUp2poVc5Qe2EBuUbRUV3/fOU4HwWVKZ7KCFvLZBSVFutXCj5HuNWJ5T3RuuxJSmY5lYuFZx9gD+n+DAEJt30iXWcaJlmUqQB5awcB1S2d9pJ141V4vjiCMKUJHIdspFrI23rFNYD9k2ZXDA8VOnQE33BzmgF9xOVh6qr4G0oEpsNqJoKybVTUeSyl4+ifzdQANouvySgLJV/pcqaxX1srSDIUlcM2vDMWAs3ryCa0aAlmAVZIHgRhh6wa+IXW8gIYt+5biPWUuihJ4zGBEwkyVXXf2xsecMWCAGPWPDL0/fBfY9krNfC5M2sqxey2ShFIq+R/wMdaI7yVjUCF2QIUNiIdFbJL6bDrDyHnEXJJN+rAo23jUoTZZRv7Jq3DB/A5H7a73VCcblZyUmwMSlpg3wos7pdw5Ctta3zQPoxoAKGS1uZ+yTeZbPMmdbw== contact@ingolf-wagner.de"
|
|
||||||
];
|
|
||||||
|
|
||||||
# This value determines the NixOS release from which the default
|
# This value determines the NixOS release from which the default
|
||||||
# settings for stateful data, like file locations and database versions
|
# settings for stateful data, like file locations and database versions
|
||||||
|
@ -55,4 +51,5 @@
|
||||||
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
|
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
|
||||||
system.stateVersion = "22.11"; # Did you read the comment?
|
system.stateVersion = "22.11"; # Did you read the comment?
|
||||||
|
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -8,7 +8,8 @@ let
|
||||||
plainTextPassword = "";
|
plainTextPassword = "";
|
||||||
};
|
};
|
||||||
remote-access = import ../lib/remote-access.nix {
|
remote-access = import ../lib/remote-access.nix {
|
||||||
publicSshKey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC6uza62+Go9sBFs3XZE2OkugBv9PJ7Yv8ebCskE5WYPcahMZIKkQw+zkGI8EGzOPJhQEv2xk+XBf2VOzj0Fto4nh8X5+Llb1nM+YxQPk1SVlwbNAlhh24L1w2vKtBtMy277MF4EP+caGceYP6gki5+DzlPUSdFSAEFFWgN1WPkiyUii15Xi3QuCMR8F18dbwVUYbT11vwNhdiAXWphrQG+yPguALBGR+21JM6fffOln3BhoDUp2poVc5Qe2EBuUbRUV3/fOU4HwWVKZ7KCFvLZBSVFutXCj5HuNWJ5T3RuuxJSmY5lYuFZx9gD+n+DAEJt30iXWcaJlmUqQB5awcB1S2d9pJ141V4vjiCMKUJHIdspFrI23rFNYD9k2ZXDA8VOnQE33BzmgF9xOVh6qr4G0oEpsNqJoKybVTUeSyl4+ifzdQANouvySgLJV/pcqaxX1srSDIUlcM2vDMWAs3ryCa0aAlmAVZIHgRhh6wa+IXW8gIYt+5biPWUuihJ4zGBEwkyVXXf2xsecMWCAGPWPDL0/fBfY9krNfC5M2sqxey2ShFIq+R/wMdaI7yVjUCF2QIUNiIdFbJL6bDrDyHnEXJJN+rAo23jUoTZZRv7Jq3DB/A5H7a73VCcblZyUmwMSlpg3wos7pdw5Ctta3zQPoxoAKGS1uZ+yTeZbPMmdbw==";
|
publicSshKey =
|
||||||
|
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC6uza62+Go9sBFs3XZE2OkugBv9PJ7Yv8ebCskE5WYPcahMZIKkQw+zkGI8EGzOPJhQEv2xk+XBf2VOzj0Fto4nh8X5+Llb1nM+YxQPk1SVlwbNAlhh24L1w2vKtBtMy277MF4EP+caGceYP6gki5+DzlPUSdFSAEFFWgN1WPkiyUii15Xi3QuCMR8F18dbwVUYbT11vwNhdiAXWphrQG+yPguALBGR+21JM6fffOln3BhoDUp2poVc5Qe2EBuUbRUV3/fOU4HwWVKZ7KCFvLZBSVFutXCj5HuNWJ5T3RuuxJSmY5lYuFZx9gD+n+DAEJt30iXWcaJlmUqQB5awcB1S2d9pJ141V4vjiCMKUJHIdspFrI23rFNYD9k2ZXDA8VOnQE33BzmgF9xOVh6qr4G0oEpsNqJoKybVTUeSyl4+ifzdQANouvySgLJV/pcqaxX1srSDIUlcM2vDMWAs3ryCa0aAlmAVZIHgRhh6wa+IXW8gIYt+5biPWUuihJ4zGBEwkyVXXf2xsecMWCAGPWPDL0/fBfY9krNfC5M2sqxey2ShFIq+R/wMdaI7yVjUCF2QIUNiIdFbJL6bDrDyHnEXJJN+rAo23jUoTZZRv7Jq3DB/A5H7a73VCcblZyUmwMSlpg3wos7pdw5Ctta3zQPoxoAKGS1uZ+yTeZbPMmdbw==";
|
||||||
hiddenReceiver = "";
|
hiddenReceiver = "";
|
||||||
};
|
};
|
||||||
in
|
in
|
||||||
|
@ -16,10 +17,7 @@ in
|
||||||
|
|
||||||
imports = [ remote-access ];
|
imports = [ remote-access ];
|
||||||
|
|
||||||
environment.systemPackages = [
|
environment.systemPackages = [ pkgs.chntpw pkgs.ntfs3g ];
|
||||||
pkgs.chntpw
|
|
||||||
pkgs.ntfs3g
|
|
||||||
];
|
|
||||||
|
|
||||||
networking.dhcpcd.enable = true;
|
networking.dhcpcd.enable = true;
|
||||||
networking.wireless = {
|
networking.wireless = {
|
||||||
|
|
|
@ -12,7 +12,8 @@ let
|
||||||
sha256 = "0rzy06a5xgfjpaklxdgrxml24d0vhk78lb577l3z4x7a2p32dbyq";
|
sha256 = "0rzy06a5xgfjpaklxdgrxml24d0vhk78lb577l3z4x7a2p32dbyq";
|
||||||
};
|
};
|
||||||
buildInputs = [ pkgs.pandoc ];
|
buildInputs = [ pkgs.pandoc ];
|
||||||
installPhase = "pandoc --highlight-style pygments -s --toc README.md -o $out";
|
installPhase =
|
||||||
|
"pandoc --highlight-style pygments -s --toc README.md -o $out";
|
||||||
};
|
};
|
||||||
in
|
in
|
||||||
{
|
{
|
||||||
|
|
|
@ -3,14 +3,17 @@ let
|
||||||
|
|
||||||
allMachineNames = lib.mapAttrsToList (name: _: name) (builtins.readDir machineDir);
|
allMachineNames = lib.mapAttrsToList (name: _: name) (builtins.readDir machineDir);
|
||||||
|
|
||||||
getFactPath = fact: machine: "${machineDir}/${machine}/facts/${fact}";
|
getFactPath = fact: machine:
|
||||||
|
"${machineDir}/${machine}/facts/${fact}";
|
||||||
|
|
||||||
readFact =
|
readFact = fact: machine:
|
||||||
fact: machine:
|
|
||||||
let
|
let
|
||||||
path = getFactPath fact machine;
|
path = getFactPath fact machine;
|
||||||
in
|
in
|
||||||
if builtins.pathExists path then builtins.readFile path else null;
|
if builtins.pathExists path then
|
||||||
|
builtins.readFile path
|
||||||
|
else
|
||||||
|
null;
|
||||||
|
|
||||||
# Example:
|
# Example:
|
||||||
#
|
#
|
||||||
|
@ -19,8 +22,7 @@ let
|
||||||
# machineA = "1.2.3.4";
|
# machineA = "1.2.3.4";
|
||||||
# machineB = "5.6.7.8";
|
# machineB = "5.6.7.8";
|
||||||
# };
|
# };
|
||||||
readFactFromAllMachines =
|
readFactFromAllMachines = fact:
|
||||||
fact:
|
|
||||||
let
|
let
|
||||||
machines = allMachineNames;
|
machines = allMachineNames;
|
||||||
facts = lib.genAttrs machines (readFact fact);
|
facts = lib.genAttrs machines (readFact fact);
|
||||||
|
@ -45,27 +47,18 @@ let
|
||||||
# "synching.pub" = "23456719";
|
# "synching.pub" = "23456719";
|
||||||
# };
|
# };
|
||||||
# };
|
# };
|
||||||
readFactsFromAllMachines =
|
readFactsFromAllMachines = facts:
|
||||||
facts:
|
|
||||||
let
|
let
|
||||||
# machine -> fact -> factvalue
|
# machine -> fact -> factvalue
|
||||||
machinesFactsAttrs = lib.genAttrs allMachineNames (
|
machinesFactsAttrs = lib.genAttrs allMachineNames (machine: lib.genAttrs facts (fact: readFact fact machine));
|
||||||
machine: lib.genAttrs facts (fact: readFact fact machine)
|
|
||||||
);
|
|
||||||
# remove all machines which don't have all facts set
|
# remove all machines which don't have all facts set
|
||||||
filteredMachineFactAttrs = lib.filterAttrs (
|
filteredMachineFactAttrs =
|
||||||
_machine: values: builtins.all (fact: values.${fact} != null) facts
|
lib.filterAttrs (_machine: values: builtins.all (fact: values.${fact} != null) facts)
|
||||||
) machinesFactsAttrs;
|
machinesFactsAttrs;
|
||||||
in
|
in
|
||||||
filteredMachineFactAttrs;
|
filteredMachineFactAttrs;
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
in
|
in
|
||||||
{
|
{ inherit allMachineNames getFactPath readFact readFactFromAllMachines readFactsFromAllMachines; }
|
||||||
inherit
|
|
||||||
allMachineNames
|
|
||||||
getFactPath
|
|
||||||
readFact
|
|
||||||
readFactFromAllMachines
|
|
||||||
readFactsFromAllMachines
|
|
||||||
;
|
|
||||||
}
|
|
||||||
|
|
|
@ -1,9 +1,4 @@
|
||||||
{
|
{ config, lib, pkgs, ... }:
|
||||||
config,
|
|
||||||
lib,
|
|
||||||
pkgs,
|
|
||||||
...
|
|
||||||
}:
|
|
||||||
let
|
let
|
||||||
interface = "wlp170s0";
|
interface = "wlp170s0";
|
||||||
in
|
in
|
||||||
|
@ -31,9 +26,9 @@ in
|
||||||
phase2-auth = "pap";
|
phase2-auth = "pap";
|
||||||
altsubject-matches = "DNS:radius.c3noc.net";
|
altsubject-matches = "DNS:radius.c3noc.net";
|
||||||
ca-cert = "${builtins.fetchurl {
|
ca-cert = "${builtins.fetchurl {
|
||||||
url = "https://letsencrypt.org/certs/isrgrootx1.pem";
|
url = "https://letsencrypt.org/certs/isrgrootx1.pem";
|
||||||
sha256 = "sha256:1la36n2f31j9s03v847ig6ny9lr875q3g7smnq33dcsmf2i5gd92";
|
sha256 = "sha256:1la36n2f31j9s03v847ig6ny9lr875q3g7smnq33dcsmf2i5gd92";
|
||||||
}}";
|
}}";
|
||||||
};
|
};
|
||||||
ipv4 = {
|
ipv4 = {
|
||||||
method = "auto";
|
method = "auto";
|
||||||
|
|
|
@ -1,9 +1,4 @@
|
||||||
{
|
{ config, pkgs, lib, ... }:
|
||||||
config,
|
|
||||||
pkgs,
|
|
||||||
lib,
|
|
||||||
...
|
|
||||||
}:
|
|
||||||
{
|
{
|
||||||
|
|
||||||
imports = [
|
imports = [
|
||||||
|
@ -42,6 +37,7 @@
|
||||||
# (promptKey "pushover.user_key") //
|
# (promptKey "pushover.user_key") //
|
||||||
# (promptKey "pushover.api_key");
|
# (promptKey "pushover.api_key");
|
||||||
|
|
||||||
|
|
||||||
components.virtualisation.enable = true;
|
components.virtualisation.enable = true;
|
||||||
|
|
||||||
components.gui.enable = true;
|
components.gui.enable = true;
|
||||||
|
@ -56,13 +52,11 @@
|
||||||
components.monitor.opentelemetry.exporter.endpoint = "10.100.0.1:4317"; # orbi
|
components.monitor.opentelemetry.exporter.endpoint = "10.100.0.1:4317"; # orbi
|
||||||
#components.monitor.opentelemetry.exporter.debug = "logs";
|
#components.monitor.opentelemetry.exporter.debug = "logs";
|
||||||
|
|
||||||
|
|
||||||
home-manager.users.mainUser.home.sessionPath = [ "$HOME/.timewarrior/scripts" ];
|
home-manager.users.mainUser.home.sessionPath = [ "$HOME/.timewarrior/scripts" ];
|
||||||
home-manager.users.mainUser.bugwarrior.config = {
|
home-manager.users.mainUser.bugwarrior.config = {
|
||||||
general = {
|
general = {
|
||||||
targets = [
|
targets = [ "terranix" "my_github" ];
|
||||||
"terranix"
|
|
||||||
"my_github"
|
|
||||||
];
|
|
||||||
log_level = "INFO";
|
log_level = "INFO";
|
||||||
static_fields = [ "priority" ];
|
static_fields = [ "priority" ];
|
||||||
merge_annotations = false;
|
merge_annotations = false;
|
||||||
|
@ -90,15 +84,12 @@
|
||||||
add_tags = "github";
|
add_tags = "github";
|
||||||
include_user_issues = true;
|
include_user_issues = true;
|
||||||
include_user_repos = true;
|
include_user_repos = true;
|
||||||
exclude_repos = [
|
exclude_repos = [ "azubi" "csv-to-qif" "stepp0r" ];
|
||||||
"azubi"
|
|
||||||
"csv-to-qif"
|
|
||||||
"stepp0r"
|
|
||||||
];
|
|
||||||
};
|
};
|
||||||
# todo : add github issues
|
# todo : add github issues
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
||||||
users.users.mainUser.extraGroups = [ "pipewire" ];
|
users.users.mainUser.extraGroups = [ "pipewire" ];
|
||||||
|
|
||||||
services.nginx.enable = true;
|
services.nginx.enable = true;
|
||||||
|
|
|
@ -1,9 +1,4 @@
|
||||||
{
|
{ lib, config, factsGenerator, ... }:
|
||||||
lib,
|
|
||||||
config,
|
|
||||||
factsGenerator,
|
|
||||||
...
|
|
||||||
}:
|
|
||||||
{
|
{
|
||||||
imports = [
|
imports = [
|
||||||
./disko-config.nix
|
./disko-config.nix
|
||||||
|
@ -29,4 +24,6 @@
|
||||||
ACTION=="add|change", KERNEL=="sd[a-z]*[0-9]*|mmcblk[0-9]*p[0-9]*|nvme[0-9]*n[0-9]*p[0-9]*", ENV{ID_FS_TYPE}=="zfs_member", ATTR{../queue/scheduler}="none"
|
ACTION=="add|change", KERNEL=="sd[a-z]*[0-9]*|mmcblk[0-9]*p[0-9]*|nvme[0-9]*n[0-9]*p[0-9]*", ENV{ID_FS_TYPE}=="zfs_member", ATTR{../queue/scheduler}="none"
|
||||||
'';
|
'';
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -70,3 +70,4 @@
|
||||||
|
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -14,8 +14,6 @@
|
||||||
hardware.graphics.enable32Bit = true;
|
hardware.graphics.enable32Bit = true;
|
||||||
hardware.graphics.extraPackages32 = with pkgs.pkgsi686Linux; [ intel-vaapi-driver ];
|
hardware.graphics.extraPackages32 = with pkgs.pkgsi686Linux; [ intel-vaapi-driver ];
|
||||||
|
|
||||||
environment.sessionVariables = {
|
environment.sessionVariables = { LIBVA_DRIVER_NAME = "i965"; }; # Optionally, set the environment variable
|
||||||
LIBVA_DRIVER_NAME = "i965";
|
|
||||||
}; # Optionally, set the environment variable
|
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,26 +1,15 @@
|
||||||
# Do not modify this file! It was generated by ‘nixos-generate-config’
|
# Do not modify this file! It was generated by ‘nixos-generate-config’
|
||||||
# and may be overwritten by future invocations. Please make changes
|
# and may be overwritten by future invocations. Please make changes
|
||||||
# to /etc/nixos/configuration.nix instead.
|
# to /etc/nixos/configuration.nix instead.
|
||||||
{
|
{ config, lib, pkgs, modulesPath, ... }:
|
||||||
config,
|
|
||||||
lib,
|
|
||||||
pkgs,
|
|
||||||
modulesPath,
|
|
||||||
...
|
|
||||||
}:
|
|
||||||
|
|
||||||
{
|
{
|
||||||
imports = [
|
imports =
|
||||||
(modulesPath + "/installer/scan/not-detected.nix")
|
[
|
||||||
];
|
(modulesPath + "/installer/scan/not-detected.nix")
|
||||||
|
];
|
||||||
|
|
||||||
boot.initrd.availableKernelModules = [
|
boot.initrd.availableKernelModules = [ "xhci_pci" "thunderbolt" "nvme" "usb_storage" "sd_mod" ];
|
||||||
"xhci_pci"
|
|
||||||
"thunderbolt"
|
|
||||||
"nvme"
|
|
||||||
"usb_storage"
|
|
||||||
"sd_mod"
|
|
||||||
];
|
|
||||||
boot.initrd.kernelModules = [ ];
|
boot.initrd.kernelModules = [ ];
|
||||||
boot.kernelModules = [ "kvm-intel" ];
|
boot.kernelModules = [ "kvm-intel" ];
|
||||||
boot.extraModulePackages = [ ];
|
boot.extraModulePackages = [ ];
|
||||||
|
|
|
@ -7,10 +7,8 @@
|
||||||
networking.retiolum.nodename = "cherry";
|
networking.retiolum.nodename = "cherry";
|
||||||
|
|
||||||
services.tinc.networks.retiolum = {
|
services.tinc.networks.retiolum = {
|
||||||
ed25519PrivateKeyFile =
|
ed25519PrivateKeyFile = config.clan.core.facts.services.tinc_retiolum.secret."tinc.retiolum.ed25519_key.priv".path;
|
||||||
config.clan.core.facts.services.tinc_retiolum.secret."tinc.retiolum.ed25519_key.priv".path;
|
rsaPrivateKeyFile = config.clan.core.facts.services.tinc_retiolum.secret."tinc.retiolum.rsa_key.priv".path;
|
||||||
rsaPrivateKeyFile =
|
|
||||||
config.clan.core.facts.services.tinc_retiolum.secret."tinc.retiolum.rsa_key.priv".path;
|
|
||||||
};
|
};
|
||||||
|
|
||||||
#fileSystems."/retiolum/sicily" = {
|
#fileSystems."/retiolum/sicily" = {
|
||||||
|
|
Some files were not shown because too many files have changed in this diff Show more
Loading…
Reference in a new issue