Compare commits

..

No commits in common. "7a6510a4e65d6c3b5e0bc788e2f340612d288872" and "2bc86a4912a72188f1c1d9535d799570c6676155" have entirely different histories.

200 changed files with 2080 additions and 3450 deletions

View file

@ -1,15 +1,18 @@
name: Build all NixOS Configurations
on:
push:
branches:
- "**"
schedule:
- cron: "30 2/6 * * *" # not to frequent, GitHub only allows a few pulls per hour
jobs:
nix build:
runs-on: native
steps:
- uses: actions/checkout@v4
- name: update nix flakes
if: ${{ github.event_name == 'schedule' }}
# we need to use our ssh key here because we need access to private flakes
@ -27,6 +30,7 @@ jobs:
echo $SSH_AGENT_PID
kill $SSH_AGENT_PID
rm .ssh_key
- name: nix flake archive/check
# we need to use our ssh key here because we need access to private flakes
run: |
@ -44,16 +48,22 @@ jobs:
echo $SSH_AGENT_PID
kill $SSH_AGENT_PID
rm .ssh_key
- name: nix build orbi
run: nix build .#nixosConfigurations.orbi.config.system.build.toplevel
- name: nix build cream
run: nix build .#nixosConfigurations.cream.config.system.build.toplevel
- name: nix build cherry
run: nix build .#nixosConfigurations.cherry.config.system.build.toplevel
- name: nix build chungus
run: nix build .#nixosConfigurations.chungus.config.system.build.toplevel
- name: nix build usbstick
run: nix build .#nixosConfigurations.usbstick.config.system.build.toplevel
- name: commit & push
if: ${{ github.event_name == 'schedule' }}
# only if all nix builds are fine we update our branch

View file

@ -1,9 +1,4 @@
{
config,
lib,
pkgs,
...
}:
{ config, lib, pkgs, ... }:
with lib;
{

View file

@ -14,4 +14,5 @@
./yubikey.nix
];
}

View file

@ -1,10 +1,5 @@
# TODO test `alsactl init` after suspend to reinit mic
{
pkgs,
config,
lib,
...
}:
{ pkgs, config, lib, ... }:
with lib;
{
options.components.gui.audio.enable = mkOption {

View file

@ -1,9 +1,4 @@
{
pkgs,
lib,
config,
...
}:
{ pkgs, lib, config, ... }:
with lib;
{
options.components.gui = {

View file

@ -1,9 +1,4 @@
{
pkgs,
lib,
config,
...
}:
{ pkgs, lib, config, ... }:
with lib;
{

View file

@ -1,9 +1,4 @@
{
config,
pkgs,
lib,
...
}:
{ config, pkgs, lib, ... }:
{
options.components.gui.kmonad.enable = lib.mkOption {
@ -84,21 +79,9 @@
in
{
nativ = keyboard "/dev/input/by-path/platform-i8042-serio-0-event-kbd" [
"lctl"
"lmet"
"lalt"
];
dasKeyboard = keyboard "/dev/input/by-id/usb-Metadot_-_Das_Keyboard_Das_Keyboard-event-kbd" [
"lctl"
"lmet"
"lalt"
];
uhk = keyboard "/dev/input/by-id/usb-Ultimate_Gadget_Laboratories_UHK_60_v2-event-kbd" [
"lctl"
"lmet"
"lalt"
];
nativ = keyboard "/dev/input/by-path/platform-i8042-serio-0-event-kbd" [ "lctl" "lmet" "lalt" ];
dasKeyboard = keyboard "/dev/input/by-id/usb-Metadot_-_Das_Keyboard_Das_Keyboard-event-kbd" [ "lctl" "lmet" "lalt" ];
uhk = keyboard "/dev/input/by-id/usb-Ultimate_Gadget_Laboratories_UHK_60_v2-event-kbd" [ "lctl" "lmet" "lalt" ];
};
};
};

View file

@ -1,11 +1,6 @@
# notify me when a command is finished
# todo : secret managment is shit
{
config,
pkgs,
lib,
...
}:
{ config, pkgs, lib, ... }:
with lib;
{
options.components.gui.noti.enable = mkOption {

View file

@ -1,17 +1,11 @@
{
pkgs,
config,
lib,
...
}:
{ pkgs, config, lib, ... }:
with lib;
let
# desktop file
# ------------
# makes it possible to be used by other programs
desktopFile =
name: bin:
desktopFile = name: bin:
pkgs.writeTextFile {
name = "${name}.desktop";
destination = "/share/applications/${name}.desktop";
@ -40,9 +34,7 @@ in
environment.systemPackages = [
(pkgs.pass.withExtensions (ext: [ ext.pass-otp ]))
# todo : use upstream desktop file creator
(desktopFile "passmenu" "${
pkgs.pass.withExtensions (ext: [ ext.pass-otp ])
}/bin/passmenu --type -l 10")
(desktopFile "passmenu" "${pkgs.pass.withExtensions (ext: [ext.pass-otp])}/bin/passmenu --type -l 10")
pkgs.otpmenu

View file

@ -1,9 +1,4 @@
{
config,
pkgs,
lib,
...
}:
{ config, pkgs, lib, ... }:
with lib;
{
options.components.gui.steam.enable = mkOption {
@ -27,12 +22,7 @@ with lib;
isSystemUser = true;
home = "/home/steam";
createHome = true;
extraGroups = [
"audio"
"input"
"video"
"pipewire"
];
extraGroups = [ "audio" "input" "video" "pipewire" ];
group = "steam";
shell = pkgs.bashInteractive;
};

View file

@ -1,9 +1,4 @@
{
pkgs,
config,
lib,
...
}:
{ pkgs, config, lib, ... }:
with lib;
{
options.components.gui.suspend.enable = mkOption {
@ -18,11 +13,13 @@ with lib;
requiredBy = [ "sleep.target" ];
environment =
let
display = if (config.services.xserver.display != null) then config.services.xserver.display else 0;
display =
if (config.services.xserver.display != null) then
config.services.xserver.display
else
0;
in
{
DISPLAY = ":${toString display}";
};
{ DISPLAY = ":${toString display}"; };
script = ''
${pkgs.xlockmore}/bin/xlock -mode life1d -size 1 &
sleep 1

View file

@ -1,9 +1,4 @@
{
config,
pkgs,
lib,
...
}:
{ config, pkgs, lib, ... }:
with lib;
{
options.components.gui.vscode.enable = mkOption {

View file

@ -1,9 +1,4 @@
{
config,
pkgs,
lib,
...
}:
{ config, pkgs, lib, ... }:
with lib;
{

View file

@ -1,9 +1,4 @@
{
config,
pkgs,
lib,
...
}:
{ config, pkgs, lib, ... }:
with lib;
{
@ -83,3 +78,4 @@ with lib;
};
}

View file

@ -1,9 +1,4 @@
{
lib,
pkgs,
config,
...
}:
{ lib, pkgs, config, ... }:
with lib;
let

View file

@ -1,9 +1,4 @@
{
config,
pkgs,
lib,
...
}:
{ config, pkgs, lib, ... }:
with lib;
with types;
let
@ -11,10 +6,15 @@ let
cfg = config.components.mainUser;
# todo : use optionalList
dockerGroup = if (config.virtualisation.docker.enable) then [ "docker" ] else [ ];
dockerGroup =
if (config.virtualisation.docker.enable) then [ "docker" ] else [ ];
# todo : use optionalList
vboxGroup = if (config.virtualisation.virtualbox.host.enable) then [ "vboxusers" ] else [ ];
vboxGroup =
if (config.virtualisation.virtualbox.host.enable) then
[ "vboxusers" ]
else
[ ];
in
{
@ -73,16 +73,8 @@ in
uid = cfg.uid;
home = "/home/${cfg.userName}";
initialPassword = cfg.userName;
extraGroups = [
"wheel"
"networkmanager"
"transmission"
"wireshark"
"audio"
"pipewire"
"input"
"dialout"
] ++ dockerGroup ++ vboxGroup ++ cfg.extraGroups;
extraGroups = [ "wheel" "networkmanager" "transmission" "wireshark" "audio" "pipewire" "input" "dialout" ]
++ dockerGroup ++ vboxGroup ++ cfg.extraGroups;
openssh.authorizedKeys.keyFiles = cfg.authorizedKeyFiles;
group = config.users.groups.mainUser.name;
};

View file

@ -4,12 +4,7 @@
# * connect via mixxx to it.
# * add the podcast to mpd in the same network
# --------------------------------------------------
{
pkgs,
config,
lib,
...
}:
{ pkgs, config, lib, ... }:
with lib;
let

View file

@ -1,9 +1,4 @@
{
pkgs,
config,
lib,
...
}:
{ pkgs, config, lib, ... }:
with lib;
{

View file

@ -1,14 +1,10 @@
{
config,
pkgs,
lib,
...
}:
{ config, pkgs, lib, ... }:
with lib;
let
obs-cmd = pkgs.rustPlatform.buildRustPackage rec {
obs-cmd = pkgs.rustPlatform.buildRustPackage
rec {
pname = "obs-cmd";
version = "v0.15.2";
src = pkgs.fetchFromGitHub {
@ -57,12 +53,7 @@ let
name = "screen-keys";
paths =
let
screenKeyScript =
{
position ? "bottom",
size ? "small",
...
}:
screenKeyScript = { position ? "bottom", size ? "small", ... }:
pkgs.writeShellScriptBin "screenkeys-${position}-${size}" # sh
''
${pkgs.screenkey}/bin/screenkey \
@ -74,29 +65,15 @@ let
"$@"
'';
in
lib.flatten (
lib.flip map
[
"large"
"small"
"medium"
]
(
size:
lib.flip map [
"top"
"center"
"bottom"
] (position: screenKeyScript { inherit size position; })
)
);
lib.flatten (lib.flip map [ "large" "small" "medium" ] (size:
lib.flip map [ "top" "center" "bottom" ]
(position: screenKeyScript { inherit size position; })));
};
mpvReview =
let
moveToDir =
key: dir:
pkgs.writeText "move-with-${key}.lua" ''
moveToDir = key: dir: pkgs.writeText "move-with-${key}.lua" ''
tmp_dir = "${dir}"
function move_current_track_${key}()
@ -133,6 +110,7 @@ in
config = mkIf (config.components.media.video.enable) {
home-manager.sharedModules = [
{
programs.obs-studio = {
@ -145,6 +123,7 @@ in
}
];
boot.kernelModules = [ "v4l2loopback" ];
boot.extraModulePackages = [ pkgs.linuxPackages.v4l2loopback ];
@ -158,6 +137,7 @@ in
alphaSafe
sanitizeFolder
# obs studio stuff
obs-cli
v4l-utils
@ -174,6 +154,8 @@ in
handbrake
ffmpeg-full
];
};
}

View file

@ -49,15 +49,7 @@ in
_end = ''{{ end }}'';
elseblock = index: replacement: "${_elseif index}${_replace index replacement}";
ifblock = index: replacement: "${_if index}${_replace index replacement}";
createTemplateLine =
list:
"${
concatStrings (
imap0 (
index: replacement: if index == 0 then ifblock index replacement else elseblock index replacement
) list
)
}${_end}";
createTemplateLine = list: "${concatStrings (imap0 (index: replacement: if index == 0 then ifblock index replacement else elseblock index replacement) list)}${_end}";
in
[
{
@ -125,7 +117,8 @@ in
}
{
# Map facility to human readable
template = {
template =
{
source = "facility_label";
template = createTemplateLine [
"kern" # Kernel messages

View file

@ -1,9 +1,4 @@
{
pkgs,
config,
lib,
...
}:
{ pkgs, config, lib, ... }:
with lib;
with types;
{
@ -23,11 +18,9 @@ with types;
{
job_name = "zfs";
scrape_interval = "10s";
static_configs = [
{
static_configs = [{
targets = [ "127.0.0.1:${toString config.services.prometheus.exporters.zfs.port}" ];
}
];
}];
}
];
service.pipelines.metrics.receivers = [ "prometheus" ];

View file

@ -1,9 +1,4 @@
{
lib,
pkgs,
config,
...
}:
{ lib, pkgs, config, ... }:
with lib;
with types;
{

View file

@ -1,9 +1,4 @@
{
config,
pkgs,
lib,
...
}:
{ config, pkgs, lib, ... }:
with lib;
with types;
let
@ -29,9 +24,7 @@ in
receivers.influxdb.endpoint = "127.0.0.1:${toString cfg.influxDBPort}";
service.pipelines.metrics.receivers = [ "influxdb" ];
};
services.telegraf.extraConfig.outputs.influxdb_v2.urls = [
"http://127.0.0.1:${toString cfg.influxDBPort}"
];
services.telegraf.extraConfig.outputs.influxdb_v2.urls = [ "http://127.0.0.1:${toString cfg.influxDBPort}" ];
})
(mkIf config.components.monitor.telegraf.enable {

View file

@ -1,9 +1,4 @@
{
pkgs,
config,
lib,
...
}:
{ pkgs, config, lib, ... }:
with lib;
with types;
let
@ -27,10 +22,7 @@ in
description = "endpoint to ship opentelementry data too";
};
exporter.debug = mkOption {
type = nullOr (enum [
"logs"
"metrics"
]);
type = nullOr (enum [ "logs" "metrics" ]);
default = null;
description = "enable debug exporter.";
};
@ -69,13 +61,11 @@ in
include = ".*";
match_type = "regexp";
action = "update";
operations = [
{
operations = [{
action = "add_label";
new_label = "machine";
new_value = config.networking.hostName;
}
];
}];
}
];
};
@ -95,6 +85,7 @@ in
};
})
(mkIf (config.components.monitor.opentelemetry.exporter.debug != null) {
services.opentelemetry-collector.settings = {
exporters.debug = {
@ -120,26 +111,24 @@ in
})
(mkIf
(
config.components.monitor.opentelemetry.exporter.endpoint != null
&& config.components.monitor.logs.enable
config.components.monitor.opentelemetry.exporter.endpoint != null &&
config.components.monitor.logs.enable
)
{
services.opentelemetry-collector.settings = {
service.pipelines.logs.exporters = [ "otlp" ];
};
}
)
})
(mkIf
(
config.components.monitor.opentelemetry.exporter.endpoint != null
&& config.components.monitor.metrics.enable
config.components.monitor.opentelemetry.exporter.endpoint != null &&
config.components.monitor.metrics.enable
)
{
services.opentelemetry-collector.settings = {
service.pipelines.metrics.exporters = [ "otlp" ];
};
}
)
})
# ship from other instance
(mkIf (config.components.monitor.opentelemetry.receiver.endpoint != null) {
@ -149,26 +138,26 @@ in
})
(mkIf
(
config.components.monitor.opentelemetry.receiver.endpoint != null
&& config.components.monitor.logs.enable
config.components.monitor.opentelemetry.receiver.endpoint != null &&
config.components.monitor.logs.enable
)
{
services.opentelemetry-collector.settings = {
service.pipelines.logs.receivers = [ "otlp" ];
};
}
)
})
(mkIf
(
config.components.monitor.opentelemetry.receiver.endpoint != null
&& config.components.monitor.metrics.enable
config.components.monitor.opentelemetry.receiver.endpoint != null &&
config.components.monitor.metrics.enable
)
{
services.opentelemetry-collector.settings = {
service.pipelines.metrics.receivers = [ "otlp" ];
};
}
)
})
# scrape opentelemetry-colectors metrics
# todo: this should be collected another way (opentelemetry internal?)
@ -180,11 +169,9 @@ in
{
job_name = "otelcol";
scrape_interval = "10s";
static_configs = [
{
static_configs = [{
targets = [ cfg.metrics.endpoint ];
}
];
}];
metric_relabel_configs = [
{
source_labels = [ "__name__" ];

View file

@ -1,10 +1,4 @@
{
config,
lib,
pkgs,
assets,
...
}:
{ config, lib, pkgs, assets, ... }:
with lib;
{
options.components.network.nginx.enable = mkOption {
@ -22,13 +16,8 @@ with lib;
environment.systemPackages = [
pkgs.nginx-config-formatter
(pkgs.writers.writePython3Bin "nginx-show-config" {
flakeIgnore = [
"E265"
"E225"
"W292"
];
} (lib.fileContents "${assets}/nginx-show-config.py"))
(pkgs.writers.writePython3Bin "nginx-show-config" { flakeIgnore = [ "E265" "E225" "W292" ]; }
(lib.fileContents "${assets}/nginx-show-config.py"))
];
security.acme.defaults.email = "contact@ingolf-wagner.de";
@ -96,11 +85,7 @@ with lib;
root = pkgs.landingpage.override {
jsonConfig =
let
entry =
{
machine,
items ? [ ],
}:
entry = { machine, items ? [ ] }:
{
text = machine;
items = [
@ -189,12 +174,14 @@ with lib;
{
label = "Hetzner Cloud";
href = "https://console.hetzner.cloud/projects";
image = "https://media.giphy.com/media/NECZ8crkbXR0k/giphy.gif";
image =
"https://media.giphy.com/media/NECZ8crkbXR0k/giphy.gif";
}
{
label = "Cups";
href = "http://localhost:631/";
image = "https://media.giphy.com/media/7hU7x4GPurk2c/giphy.gif";
image =
"https://media.giphy.com/media/7hU7x4GPurk2c/giphy.gif";
}
];
}
@ -204,42 +191,52 @@ with lib;
{
label = "NixOS Manual";
href = "https://nixos.org/nixos/manual/";
image = "https://media.giphy.com/media/dsdVyKkSqccEzoPufX/giphy.gif";
image =
"https://media.giphy.com/media/dsdVyKkSqccEzoPufX/giphy.gif";
}
{
label = "Nixpkgs Manual";
href = "https://nixos.org/nixpkgs/manual/";
image = "https://media.giphy.com/media/dsdVyKkSqccEzoPufX/giphy.gif";
image =
"https://media.giphy.com/media/dsdVyKkSqccEzoPufX/giphy.gif";
}
{
label = "NixOS Reference";
href = "https://storage.googleapis.com/files.tazj.in/nixdoc/manual.html#sec-functions-library";
image = "https://media.giphy.com/media/LkjlH3rVETgsg/giphy.gif";
href =
"https://storage.googleapis.com/files.tazj.in/nixdoc/manual.html#sec-functions-library";
image =
"https://media.giphy.com/media/LkjlH3rVETgsg/giphy.gif";
}
{
label = "Nix Packages";
href = "https://nixos.org/nixos/packages.html";
image = "https://media.giphy.com/media/l2YWlohvjPnsvkdEc/giphy.gif";
image =
"https://media.giphy.com/media/l2YWlohvjPnsvkdEc/giphy.gif";
}
{
label = "NixOS Language specific helpers";
href = "https://nixos.wiki/wiki/Language-specific_package_helpers";
image = "https://media.giphy.com/media/LkjlH3rVETgsg/giphy.gif";
href =
"https://nixos.wiki/wiki/Language-specific_package_helpers";
image =
"https://media.giphy.com/media/LkjlH3rVETgsg/giphy.gif";
}
{
label = "NixOS Weekly";
href = "https://weekly.nixos.org/";
image = "https://media.giphy.com/media/lXiRLb0xFzmreM8k8/giphy.gif";
image =
"https://media.giphy.com/media/lXiRLb0xFzmreM8k8/giphy.gif";
}
{
label = "NixOS Security";
href = "https://broken.sh/";
image = "https://media.giphy.com/media/BqILAHjH1Ttm0/giphy.gif";
image =
"https://media.giphy.com/media/BqILAHjH1Ttm0/giphy.gif";
}
{
label = "NixOS RFCs";
href = "https://github.com/NixOS/rfcs/";
image = "https://media.giphy.com/media/Uq9bGjGKg08M0/giphy.gif";
image =
"https://media.giphy.com/media/Uq9bGjGKg08M0/giphy.gif";
}
];
}

View file

@ -1,10 +1,4 @@
{
pkgs,
config,
lib,
assets,
...
}:
{ pkgs, config, lib, assets, ... }:
with lib;
with types;
let
@ -12,7 +6,8 @@ let
cfg = config.components.network.sshd;
# maybe ascii-image-converter is also nice here
sshBanner = pkgs.runCommand "ssh-banner" { nativeBuildInputs = [ pkgs.boxes ]; } ''
sshBanner = pkgs.runCommand "ssh-banner"
{ nativeBuildInputs = [ pkgs.boxes ]; } ''
echo "${config.networking.hostName}" | boxes -d ansi -s 80x1 -a r > $out
'';

View file

@ -1,10 +1,4 @@
{
pkgs,
config,
lib,
clanLib,
...
}:
{ pkgs, config, lib, clanLib, ... }:
with lib;
let
publicKey = clanLib.readFact "ssh.id_ed25519.pub";

View file

@ -1,9 +1,4 @@
{
pkgs,
config,
lib,
...
}:
{ pkgs, config, lib, ... }:
with lib;
{
config = mkIf (config.components.network.sshd.enable) {
@ -33,66 +28,65 @@ with lib;
};
gitlab = {
hostNames = [ "gitlab.com" ];
publicKey = "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBFSMqzJeV9rUzU4kWitGjeR4PWSa29SPqJ1fVkhtj3Hw9xjLVXVYrU9QlYWrOLXBpQ6KWjbjTDTdDkoohFzgbEY=";
publicKey =
"ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBFSMqzJeV9rUzU4kWitGjeR4PWSa29SPqJ1fVkhtj3Hw9xjLVXVYrU9QlYWrOLXBpQ6KWjbjTDTdDkoohFzgbEY=";
};
gitlab-bk = {
hostNames = [
"gitlab.bk-bund-berlin.de"
"116.203.133.59"
];
publicKey = "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBCG/sjnOlbrmpUliFtM5fmZTcm2wpUoP5OQEzFrrkkwhstCO9fMty9mp5qnKlezYA9+l78RTd218qFjSKYxTQNw=";
hostNames = [ "gitlab.bk-bund-berlin.de" "116.203.133.59" ];
publicKey =
"ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBCG/sjnOlbrmpUliFtM5fmZTcm2wpUoP5OQEzFrrkkwhstCO9fMty9mp5qnKlezYA9+l78RTd218qFjSKYxTQNw=";
};
# space-left
gitlabSpaceLeft = {
hostNames = [ "git.space-left.org" ];
publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAapztj8I3xy6Ea8A1q7Mo5C6zdgsK1bguAXcKUDCRBO";
publicKey =
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAapztj8I3xy6Ea8A1q7Mo5C6zdgsK1bguAXcKUDCRBO";
};
# c-base
"bnd-cbase" = {
hostNames = [ "bnd.cbrp3.c-base.org" ];
publicKey = "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBKDknNl4M2WZChp1N/eRIpem2AEOceGIqvjo0ptBuwxUn0w0B8MGTVqoI+pnUVypORJRoNrLPOAkmEVr32BDN3E=";
publicKey =
"ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBKDknNl4M2WZChp1N/eRIpem2AEOceGIqvjo0ptBuwxUn0w0B8MGTVqoI+pnUVypORJRoNrLPOAkmEVr32BDN3E=";
};
"shell.cbase" = {
hostNames = [ "shell.c-base.org" ];
publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOBKBn0mZtG3KWxpFqqcog8zvdIVrZmwj+ARujuNIAfo";
publicKey =
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOBKBn0mZtG3KWxpFqqcog8zvdIVrZmwj+ARujuNIAfo";
};
"kgb.cbase" = {
hostNames = [ "kgb.cbrp3.c-base.org" ];
publicKey = "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBAdyl7fnnCqomghJ1TDbh5FWFQWFwoO1Y1U/FpmWd8a9RcQvN0Izhg/7A+7ptDxbmpVii8hqfghlqUwtvVy7jo8=";
publicKey =
"ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBAdyl7fnnCqomghJ1TDbh5FWFQWFwoO1Y1U/FpmWd8a9RcQvN0Izhg/7A+7ptDxbmpVii8hqfghlqUwtvVy7jo8=";
};
"cns.cbase" = {
hostNames = [ "cns.c-base.org" ];
publicKey = "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBOtlyLA2nMK9Uqpv4EbWS+rZ9Mx4bAjURmH+zrXkuRGBcU1cKm+TZfWe9/rPX57KaMPBDyIygOJIsM2T5SqX90A=";
publicKey =
"ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBOtlyLA2nMK9Uqpv4EbWS+rZ9Mx4bAjURmH+zrXkuRGBcU1cKm+TZfWe9/rPX57KaMPBDyIygOJIsM2T5SqX90A=";
};
"lassulus" = {
hostNames = [ "[lassul.us]:45621" ];
publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAsANFdMi825qWQXQbWLYuNZ6/fARt3lnh1KStQHQQMD";
publicKey =
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAsANFdMi825qWQXQbWLYuNZ6/fARt3lnh1KStQHQQMD";
};
renoise = {
hostNames = [
"*.renoise.com"
"renoise.com"
"94.130.128.97"
];
publicKey = "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBLXxhBlYQJxgcLqKywpl1tI1N/+B5bkptAnR2a3tsRybq0IHZnIkSRGUYcu5zPwJT+bitVw8BvIaGzxI+Zm2ivE=";
hostNames = [ "*.renoise.com" "renoise.com" "94.130.128.97" ];
publicKey =
"ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBLXxhBlYQJxgcLqKywpl1tI1N/+B5bkptAnR2a3tsRybq0IHZnIkSRGUYcu5zPwJT+bitVw8BvIaGzxI+Zm2ivE=";
};
git-renoise = {
hostNames = [
"[git.renoise.com]:2229"
"[94.130.128.97]:2229"
];
publicKey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCmIOTjQsD1TaD9MiECcRqwfAXfRdbI+2pkuF+zhBUkrX41NA4LzifPY4Iw3PlklE0YGIOzYyNitzkdgxIWkeqa0Y9iL3gGZBuLFORj5YXWlDKB2RrPAsZRL8y69y4H6RWPpL6DHHsf9eT+HgRzWzzn5nUFLfkCsuM96BqjIKN1pinIBcE6gst1UUSwSTjK8XZA5d4BiSrLF4HiNXnDm+qniYGbGkzZcjn1ua+l0GdGbfg9TotFnSK/QXgN3MeHHDZKnIjOIkOXCY+L5URe0RHo6pBFdj+BLr211AJhB52MrDNudQcY6eSQiJ08LeE6SkcrsQO/VZ/JnOkHxHd2mOyH";
hostNames = [ "[git.renoise.com]:2229" "[94.130.128.97]:2229" ];
publicKey =
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCmIOTjQsD1TaD9MiECcRqwfAXfRdbI+2pkuF+zhBUkrX41NA4LzifPY4Iw3PlklE0YGIOzYyNitzkdgxIWkeqa0Y9iL3gGZBuLFORj5YXWlDKB2RrPAsZRL8y69y4H6RWPpL6DHHsf9eT+HgRzWzzn5nUFLfkCsuM96BqjIKN1pinIBcE6gst1UUSwSTjK8XZA5d4BiSrLF4HiNXnDm+qniYGbGkzZcjn1ua+l0GdGbfg9TotFnSK/QXgN3MeHHDZKnIjOIkOXCY+L5URe0RHo6pBFdj+BLr211AJhB52MrDNudQcY6eSQiJ08LeE6SkcrsQO/VZ/JnOkHxHd2mOyH";
};
"siteground" = {
hostNames = [
"[es5.siteground.eu]:18765"
"[37.60.224.6]:18765"
];
publicKey = "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBHZuvHooyHa69rU+SfOghM6yfc7bce5cMi9sh5JkoLPi+m8QEkX3oiG9rRpAhp0GYnB74M4l1+0XlxmG7/HVmq0=";
hostNames = [ "[es5.siteground.eu]:18765" "[37.60.224.6]:18765" ];
publicKey =
"ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBHZuvHooyHa69rU+SfOghM6yfc7bce5cMi9sh5JkoLPi+m8QEkX3oiG9rRpAhp0GYnB74M4l1+0XlxmG7/HVmq0=";
};
"cracksucht.de" = {
hostNames = [ "cracksucht.de" ];
publicKey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDVqpWzX+C7veO/1MDSdh5ukFhpI4cfXevbl6DVb9gVt1wdYB0JsiMiWfl13MZJy9iEP/KfwRLYmu8i36tDR9uJfHQyLK8G7q2DhrleIPgM3dFCdDU1QtulE8hEq/ZsqzMn/QIHYIipIqzNfmC/xnpX2gIo09T7EY+n863ALlj+GqxMb4nr2XDLY+Lllo2yMzylJIz9q8U5hOmzrlCnBpf2MPMwanHXnZXj2CmO80VyBHnAMJ/h72AN1qzDaHFlhxh0Li/POc1bpDjiVjiUPgimHZWpi3VObxWLLn2zf+RH2lx0yXMccSEnkWvHp+Ll5apIUUS+vTlDo3niWpEfGZLl root@debian";
publicKey =
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDVqpWzX+C7veO/1MDSdh5ukFhpI4cfXevbl6DVb9gVt1wdYB0JsiMiWfl13MZJy9iEP/KfwRLYmu8i36tDR9uJfHQyLK8G7q2DhrleIPgM3dFCdDU1QtulE8hEq/ZsqzMn/QIHYIipIqzNfmC/xnpX2gIo09T7EY+n863ALlj+GqxMb4nr2XDLY+Lllo2yMzylJIz9q8U5hOmzrlCnBpf2MPMwanHXnZXj2CmO80VyBHnAMJ/h72AN1qzDaHFlhxh0Li/POc1bpDjiVjiUPgimHZWpi3VObxWLLn2zf+RH2lx0yXMccSEnkWvHp+Ll5apIUUS+vTlDo3niWpEfGZLl root@debian";
};
};

View file

@ -1,34 +1,34 @@
{
lib,
config,
clanLib,
...
}:
{ lib, config, clanLib, ... }:
with lib;
with types;
let
machines = clanLib.allMachineNames;
publicKey = clanLib.readFact "ssh.id_ed25519.pub";
tld = config.clan.static-hosts.topLevelDomain;
knownHosts = lib.genAttrs machines (machine: {
knownHosts = lib.genAttrs machines
(machine:
{
hostNames = [
"${machine}"
"${machine}.${tld}"
"${machine}.private"
];
publicKey = publicKey machine;
});
}
);
bootMachines = clanLib.readFactFromAllMachines "ssh.boot.id_ed25519.pub";
knownBootHosts = lib.mapAttrs' (
machine: publicKey:
nameValuePair "boot_${machine}" {
knownBootHosts = lib.mapAttrs'
(machine: publicKey: nameValuePair
"boot_${machine}"
{
inherit publicKey;
hostNames = [
"[${machine}]:2222"
"[${machine}.public]:2222"
];
}
) bootMachines;
)
bootMachines;
in
{

View file

@ -1,13 +1,5 @@
{
config,
lib,
pkgs,
factsGenerator,
clanLib,
...
}:
with lib;
{
{ config, lib, pkgs, factsGenerator, clanLib, ... }:
with lib; {
# networking.firewall.interfaces."gummybears".allowedTCPPorts = [ 8384 ];
@ -27,12 +19,7 @@ with lib;
id = facts."syncthing.pub";
addresses = [ "tcp://[${facts."zerotier-ip"}]:22000" ];
})
(
clanLib.readFactsFromAllMachines [
"syncthing.pub"
"zerotier-ip"
]
);
(clanLib.readFactsFromAllMachines [ "syncthing.pub" "zerotier-ip" ]);
device = machine: id: {
"${machine}" = {
name = machine;
@ -43,26 +30,20 @@ with lib;
in
clanMachines
// (device "iPhone" "RPQBSRB-DYEUUWQ-EAPMBA2-PL4MJ73-Y4F4ZTH-TAD7DUE-GEK56BG-HYW6YAF")
// (device "bumba" "JS7PWTO-VKFGBUP-GNFLSWP-MGFJ2KH-HLO2LKW-V3RPCR6-PCB5SQC-42FCKQZ");
// (device "bumba" "JS7PWTO-VKFGBUP-GNFLSWP-MGFJ2KH-HLO2LKW-V3RPCR6-PCB5SQC-42FCKQZ")
;
settings.folders = {
audiobooks = {
enable = lib.mkDefault false;
path = lib.mkDefault "/tmp/audiobooks";
devices = [
"chungus"
"orbi"
];
devices = [ "chungus" "orbi" ];
};
books = {
enable = lib.mkDefault false;
path = lib.mkDefault "/tmp/books";
devices = [
"chungus"
"cream"
"cherry"
];
devices = [ "chungus" "cream" "cherry" ];
versioning = {
type = "simple";
params.keep = "2";
@ -71,20 +52,12 @@ with lib;
desktop = {
enable = lib.mkDefault false;
path = lib.mkDefault "/tmp/desktop";
devices = [
"chungus"
"cream"
"cherry"
];
devices = [ "chungus" "cream" "cherry" ];
};
finance = {
enable = lib.mkDefault false;
path = lib.mkDefault "/tmp/finance";
devices = [
"chungus"
"cream"
"cherry"
];
devices = [ "chungus" "cream" "cherry" ];
versioning = {
type = "simple";
params.keep = "10";
@ -93,46 +66,27 @@ with lib;
flix = {
enable = lib.mkDefault false;
path = lib.mkDefault "/tmp/flix";
devices = [
"chungus"
"orbi"
];
devices = [ "chungus" "orbi" ];
};
logseq = {
enable = lib.mkDefault false;
path = lib.mkDefault "/tmp/logseq";
devices = [
"chungus"
"cream"
"cherry"
"iPhone"
];
devices = [ "chungus" "cream" "cherry" "iPhone" ];
};
lectures = {
enable = lib.mkDefault false;
path = lib.mkDefault "/tmp/lectures";
devices = [
"chungus"
"orbi"
];
devices = [ "chungus" "orbi" ];
};
oscar_cpap = {
enable = lib.mkDefault false;
path = lib.mkDefault "/tmp/oscar_cpap";
devices = [
"chungus"
"cream"
"cherry"
];
devices = [ "chungus" "cream" "cherry" ];
};
password-store = {
enable = lib.mkDefault false;
path = lib.mkDefault "/tmp/password-store";
devices = [
"chungus"
"cream"
"cherry"
];
devices = [ "chungus" "cream" "cherry" ];
versioning = {
type = "simple";
params.keep = "10";
@ -142,11 +96,7 @@ with lib;
share = {
enable = lib.mkDefault false;
path = lib.mkDefault "/tmp/password-store";
devices = [
"cream"
"cherry"
"orbi"
];
devices = [ "cream" "cherry" "orbi" ];
};
};
};

View file

@ -1,10 +1,4 @@
{
lib,
config,
factsGenerator,
clanLib,
...
}:
{ lib, config, factsGenerator, clanLib, ... }:
with lib;
{
@ -26,21 +20,18 @@ with lib;
};
config = mkMerge [
(mkIf config.tinc.private.enable (
import ./private.nix {
(mkIf config.tinc.private.enable (import ./private.nix {
ipv4 = config.tinc.private.ipv4;
ipv6 = null;
inherit (lib) optionalString concatStringsSep mapAttrsToList;
inherit config factsGenerator clanLib;
}
))
(mkIf config.tinc.secret.enable (
import ./secret.nix {
}))
(mkIf config.tinc.secret.enable (import ./secret.nix {
ipv4 = config.tinc.secret.ipv4;
ipv6 = null;
inherit (lib) optionalString concatStringsSep mapAttrsToList;
inherit config factsGenerator clanLib;
}
))
}))
];
}

View file

@ -1,13 +1,12 @@
{
ipv4,
ipv6,
config,
optionalString,
concatStringsSep,
factsGenerator,
mapAttrsToList,
clanLib,
...
{ ipv4
, ipv6
, config
, optionalString
, concatStringsSep
, factsGenerator
, mapAttrsToList
, clanLib
, ...
}:
let
hosts = {
@ -52,8 +51,7 @@ in
services.tinc.networks = {
${network} = {
ed25519PrivateKeyFile =
config.clan.core.facts.services.tinc_private.secret."tinc.private.ed25519_key.priv".path;
ed25519PrivateKeyFile = config.clan.core.facts.services.tinc_private.secret."tinc.private.ed25519_key.priv".path;
interfaceType = "tap";
extraConfig = ''
LocalDiscovery = yes
@ -102,8 +100,6 @@ in
LinkLocalAddressing = no
'';
networking.extraHosts = concatStringsSep "\n" (
mapAttrsToList (name: ip: "${ip} ${name}.${network}") (hosts // subDomains)
);
networking.extraHosts = concatStringsSep "\n" (mapAttrsToList (name: ip: "${ip} ${name}.${network}") (hosts // subDomains));
}

View file

@ -1,12 +1,11 @@
{
ipv4,
ipv6,
config,
optionalString,
concatStringsSep,
mapAttrsToList,
factsGenerator,
...
{ ipv4
, ipv6
, config
, optionalString
, concatStringsSep
, mapAttrsToList
, factsGenerator
, ...
}:
let
port = 721;
@ -24,8 +23,7 @@ in
services.tinc.networks = {
${network} = {
ed25519PrivateKeyFile =
config.clan.core.facts.services.tinc_secret.secret."tinc.secret.ed25519_key.priv".path;
ed25519PrivateKeyFile = config.clan.core.facts.services.tinc_secret.secret."tinc.secret.ed25519_key.priv".path;
extraConfig = ''
LocalDiscovery = yes
Port = ${toString port}
@ -48,12 +46,7 @@ in
settings.Ed25519PublicKey = "r6mRDc814z2YtyG9ev/XXV2SgquqWR8n53V13xNXb7O";
};
robi = {
addresses = [
{
address = "144.76.13.147";
port = port;
}
];
addresses = [{ address = "144.76.13.147"; port = port; }];
subnets = [{ address = hosts.robi; }];
settings.Ed25519PublicKey = "bZUbSdME4fwudNVbUoNO7PpoOS2xALsyTs81F260KbL";
};
@ -75,37 +68,23 @@ in
LinkLocalAddressing = no
'';
networking.extraHosts = concatStringsSep "\n" (
mapAttrsToList (name: ip: "${ip} ${name}.${network}") hosts
);
networking.extraHosts = concatStringsSep "\n" (mapAttrsToList (name: ip: "${ip} ${name}.${network}") hosts);
services.openssh.knownHosts = {
"cream.${network}" = {
hostNames = [
"cream.${network}"
hosts.cream
];
hostNames = [ "cream.${network}" hosts.cream ];
publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIConHiCL7INgAhuN6Z9TqP0zP+xNpdV7+OHwUca4IRDD";
};
"sternchen.${network}" = {
hostNames = [
"sterni.${network}"
hosts.sterni
];
hostNames = [ "sterni.${network}" hosts.sterni ];
publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILriD/0+65L1mkbjKENwpvB3wUMXz/rEf9J8wuJjJa0q";
};
"sterni.${network}" = {
hostNames = [
"sterni.${network}"
hosts.sterni
];
hostNames = [ "sterni.${network}" hosts.sterni ];
publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEQRH4gzT4vWSx3KN80ePPYhSPZRUae/qSyEym6pJTht";
};
"robi" = {
hostNames = [
"robi.${network}"
hosts.robi
];
hostNames = [ "robi.${network}" hosts.robi ];
publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIK2PGX6cZuBUGX4VweMzi0aRh4uQ61yngCzZGcK3w5XV";
};
};

View file

@ -1,9 +1,4 @@
{
config,
lib,
pkgs,
...
}:
{ config, lib, pkgs, ... }:
with lib;
with types;
{
@ -27,6 +22,7 @@ with types;
# Setting this value to 1 means to try activation once, without retry.
networking.networkmanager.settings.main.autoconnect-retries-default = 999;
hardware.enableRedistributableFirmware = true;
# because Networkd-wait-online is just failing.
@ -51,3 +47,4 @@ with types;
};
}

View file

@ -28,4 +28,6 @@ with lib;
'';
};
}

View file

@ -1,10 +1,5 @@
# MIT Jörg Thalheim - https://github.com/Mic92/dotfiles/blob/c6cad4e57016945c4816c8ec6f0a94daaa0c3203/nixos/modules/upgrade-diff.nix
{
config,
lib,
pkgs,
...
}:
{ config, lib, pkgs, ... }:
{
options.components.nixos.update-diff.enable = lib.mkOption {

View file

@ -1,9 +1,4 @@
{
pkgs,
config,
lib,
...
}:
{ pkgs, config, lib, ... }:
with lib;
{
options.components.terminal.bash.enable = mkOption {
@ -21,6 +16,7 @@ with lib;
interactiveShellInit = "set -o vi";
shellAliases = {
ls = "ls --color=tty";
l = "ls -CFh";

View file

@ -1,9 +1,4 @@
{
config,
pkgs,
lib,
...
}:
{ config, pkgs, lib, ... }:
with lib;
{
options.components.terminal = {

View file

@ -1,9 +1,4 @@
{
pkgs,
config,
lib,
...
}:
{ pkgs, config, lib, ... }:
with lib;
{
options.components.terminal.direnv.enable = mkOption {
@ -17,10 +12,7 @@ with lib;
home-manager.sharedModules = [
{
programs.direnv.enable = true;
programs.git.ignores = [
".envrc"
".direnv"
];
programs.git.ignores = [ ".envrc" ".direnv" ];
}
];

View file

@ -1,9 +1,4 @@
{
config,
pkgs,
lib,
...
}:
{ config, pkgs, lib, ... }:
with lib;
{
options.components.terminal.git.enable = mkOption {
@ -13,6 +8,7 @@ with lib;
config = mkIf (config.components.terminal.git.enable) {
environment.systemPackages = with pkgs; [
git
gita
@ -33,3 +29,4 @@ with lib;
];
};
}

View file

@ -1,9 +1,4 @@
{
config,
lib,
pkgs,
...
}:
{ config, lib, pkgs, ... }:
with lib;
{
options.components.terminal.heygpt.enable = mkOption {

View file

@ -1,9 +1,4 @@
{
pkgs,
config,
lib,
...
}:
{ pkgs, config, lib, ... }:
with lib;
let
hoardSrc = pkgs.fetchFromGitHub {
@ -36,26 +31,10 @@ in
config_home_path = "/home/palo/.config/hoard";
trove_path = "/home/palo/.config/hoard/trove.yml";
query_prefix = " >";
primary_color = [
87
142
87
];
secondary_color = [
203
184
144
];
tertiary_color = [
30
30
30
];
command_color = [
30
30
30
];
primary_color = [ 87 142 87 ];
secondary_color = [ 203 184 144 ];
tertiary_color = [ 30 30 30 ];
command_color = [ 30 30 30 ];
parameter_token = "#";
read_from_current_directory = true;
};

View file

@ -1,9 +1,4 @@
{
pkgs,
config,
lib,
...
}:
{ pkgs, config, lib, ... }:
with lib;
{
options.components.terminal.remote-install.enable = mkOption {

View file

@ -1,9 +1,4 @@
{
pkgs,
config,
lib,
...
}:
{ pkgs, config, lib, ... }:
with lib;
let
@ -59,8 +54,8 @@ let
echo
'';
userHighlight =
map ({ user, ... }: user) (builtins.attrValues config.services.browser.configList)
userHighlight = map ({ user, ... }: user)
(builtins.attrValues config.services.browser.configList)
++ [ "steam" ];
activeUsers = pkgs.writers.writeBash "active-users" ''
@ -68,20 +63,14 @@ let
| ${pkgs.gnused}/bin/sed '1 d' \
| ${pkgs.coreutils}/bin/sort \
| ${pkgs.coreutils}/bin/uniq \
| ${pkgs.gnugrep}/bin/egrep --color=always '(${pkgs.lib.concatStringsSep "|" userHighlight})|$'
| ${pkgs.gnugrep}/bin/egrep --color=always '(${
pkgs.lib.concatStringsSep "|" userHighlight
})|$'
'';
# default settings
wtfModule =
args@{
height ? 1,
width ? 1,
top,
left,
enabled ? true,
type,
...
}:
args@{ height ? 1, width ? 1, top, left, enabled ? true, type, ... }:
{
enabled = enabled;
focusable = false;
@ -89,50 +78,33 @@ let
position.left = left;
position.height = height;
position.width = width;
}
// (lib.filterAttrs (
key: _:
lib.all (x: x != key) [
"height"
"width"
"top"
"left"
]
) args);
} // (lib.filterAttrs
(key: _: lib.all (x: x != key) [ "height" "width" "top" "left" ])
args);
# command runner module
cmdRunner =
args@{ cmd, ... }:
wtfModule (
{
cmdRunner = args@{ cmd, ... }:
wtfModule ({
type = "cmdrunner";
focusable = false;
refreshInterval = 300;
}
// args
);
} // args);
modules = {
inherit cmdRunner;
digitalclock =
args@{ top, left, ... }:
cmdRunner (
{
digitalclock = args@{ top, left, ... }:
cmdRunner ({
cmd = pkgs.writers.writeDash "clock" ''
${pkgs.toilet}/bin/toilet --font future `${pkgs.coreutils}/bin/date +"%a %H:%M"`
${pkgs.coreutils}/bin/date +"%B %d %Y"
'';
title = "";
refreshInterval = 30;
}
// args
);
} // args);
clocks =
args@{ top, left, ... }:
wtfModule (
{
clocks = args@{ top, left, ... }:
wtfModule ({
type = "clocks";
title = "";
border = false;
@ -149,37 +121,25 @@ let
};
sort = "alphabetical";
refreshInterval = 60;
}
// args
);
} // args);
resourceusage =
args@{ top, left, ... }:
wtfModule (
{
resourceusage = args@{ top, left, ... }:
wtfModule ({
type = "resourceusage";
title = "";
cpuCombined = false;
refreshInterval = 5;
}
// args
);
} // args);
power =
args@{ top, left, ... }:
wtfModule (
{
power = args@{ top, left, ... }:
wtfModule ({
type = "power";
title = "";
refreshInterval = 100;
}
// args
);
} // args);
prettyweather =
args@{ top, left, ... }:
wtfModule (
{
prettyweather = args@{ top, left, ... }:
wtfModule ({
type = "prettyweather";
title = "";
city = "Essen";
@ -187,19 +147,10 @@ let
view = 0;
language = "en";
refreshInterval = 3600;
}
// args
);
} // args);
feedreader =
args@{
top,
left,
feeds,
...
}:
wtfModule (
{
feedreader = args@{ top, left, feeds, ... }:
wtfModule ({
type = "feedreader";
title = "";
refreshInterval = 3600;
@ -209,20 +160,10 @@ let
even = "white";
odd = "white";
};
}
// args
);
} // args);
github =
args@{
top,
left,
username,
apiKey,
...
}:
wtfModule (
{
github = args@{ top, left, username, apiKey, ... }:
wtfModule ({
type = "github";
title = "";
refreshInterval = 3600;
@ -237,9 +178,7 @@ let
# - "wtfutil/wtf"
# - "wtfutil/docs"
# - "umbrella-corp/wesker-api"
}
// args
);
} // args);
};
@ -252,20 +191,8 @@ let
normal = "green";
};
grid = {
columns = [
28
0
0
];
rows = [
9
9
9
9
9
9
0
];
columns = [ 28 0 0 ];
rows = [ 9 9 9 9 9 9 0 ];
};
refreshInterval = 1;
mods = with modules; {
@ -300,7 +227,8 @@ let
top = 4;
left = 1;
height = 1;
feeds = [ "https://latesthackingnews.com/category/hacking-tools/feed/" ];
feeds =
[ "https://latesthackingnews.com/category/hacking-tools/feed/" ];
};
nixos = feedreader {
title = "NixOS Weekly";
@ -337,20 +265,8 @@ let
normal = "green";
};
grid = {
columns = [
33
12
28
36
0
];
rows = [
9
4
6
6
0
];
columns = [ 33 12 28 36 0 ];
rows = [ 9 4 6 6 0 ];
};
refreshInterval = 1;
mods = with modules; {
@ -396,12 +312,7 @@ let
calendar = cmdRunner {
title = "";
args = [
"-3"
"--monday"
"--color=never"
"-w"
];
args = [ "-3" "--monday" "--color=never" "-w" ];
cmd = "cal";
top = 1;
left = 1;
@ -463,12 +374,9 @@ let
};
};
createDashboard =
{ json, name }:
let
configuration = pkgs.writeText "config.yml" (builtins.toJSON json);
in
pkgs.writers.writeBashBin name ''
createDashboard = { json, name }:
let configuration = pkgs.writeText "config.yml" (builtins.toJSON json);
in pkgs.writers.writeBashBin name ''
${pkgs.wtf}/bin/wtfutil --config=${toString configuration}
'';

View file

@ -1,9 +1,4 @@
{
pkgs,
config,
lib,
...
}:
{ pkgs, config, lib, ... }:
with lib;
{
options.components.terminal.zsh.enable = mkOption {

View file

@ -1,9 +1,4 @@
{
config,
lib,
pkgs,
...
}:
{ config, lib, pkgs, ... }:
with lib;
{

View file

@ -1,9 +1,4 @@
{
config,
lib,
pkgs,
...
}:
{ config, lib, pkgs, ... }:
with lib;
{

View file

@ -1,9 +1,4 @@
{
config,
lib,
pkgs,
...
}:
{ config, lib, pkgs, ... }:
with lib;
{

View file

@ -1,9 +1,4 @@
{
config,
lib,
pkgs,
...
}:
{ config, lib, pkgs, ... }:
with lib;
{

View file

@ -1,12 +1,7 @@
# References:
# * https://github.com/drduh/YubiKey-Guide
# * https://nixos.wiki/wiki/Yubikey
{
config,
pkgs,
lib,
...
}:
{ config, pkgs, lib, ... }:
with lib;
{
@ -21,6 +16,7 @@ with lib;
services.pcscd.enable = true;
services.udev.packages = [ pkgs.yubikey-personalization ];
environment.systemPackages = [
pkgs.yubikey-personalization

View file

@ -1,11 +1,4 @@
{
config,
lib,
pkgs,
factsGenerator,
clanLib,
...
}:
{ config, lib, pkgs, factsGenerator, clanLib, ... }:
with lib;
with types;
@ -18,7 +11,8 @@ with types;
kernelModules = mkOption {
type = listOf str;
default = [ ];
description = "nix-shell -p pciutils --run 'lspci -v' will tell you which kernel module is used for the ethernet interface";
description =
"nix-shell -p pciutils --run 'lspci -v' will tell you which kernel module is used for the ethernet interface";
};
};
@ -48,3 +42,4 @@ with types;
};
}

View file

@ -1,11 +1,4 @@
{
config,
lib,
pkgs,
factsGenerator,
clanLib,
...
}:
{ config, lib, pkgs, factsGenerator, clanLib, ... }:
with lib;
with types;
{
@ -23,13 +16,14 @@ with types;
name = "initrd";
addressPrefix = "init";
};
boot.initrd.secrets = mapAttrs' (name: file: nameValuePair "/etc/tor/onion/bootup/${name}" file) (
genAttrs [
boot.initrd.secrets =
mapAttrs' (name: file: nameValuePair "/etc/tor/onion/bootup/${name}" file)
(genAttrs [
"hostname"
"hs_ed25519_public_key"
"hs_ed25519_secret_key"
] (secret: config.clan.core.facts.services."initrd.tor".secret."tor.initrd.${secret}".path)
);
]
(secret: config.clan.core.facts.services."initrd.tor".secret."tor.initrd.${secret}".path));
boot.initrd.systemd.storePaths = [
pkgs.tor
@ -49,10 +43,7 @@ with types;
boot.initrd.systemd.services.tor = {
description = "tor during init";
wantedBy = [ "initrd.target" ];
after = [
"network.target"
"initrd-nixos-copy-secrets.service"
];
after = [ "network.target" "initrd-nixos-copy-secrets.service" ];
before = [ "shutdown.target" ];
conflicts = [ "shutdown.target" ];
@ -62,7 +53,8 @@ with types;
pkgs.iproute2
pkgs.coreutils
];
script = ''
script =
''
echo "tor: preparing onion folder"
# have to do this otherwise tor does not want to start
chmod -R 700 /etc/tor
@ -74,3 +66,4 @@ with types;
};
};
}

View file

@ -1,9 +1,4 @@
{
config,
lib,
pkgs,
...
}:
{ config, lib, pkgs, ... }:
with lib;
{
options.features.network.fail2ban.enable = mkOption {

View file

@ -1,10 +1,4 @@
{
pkgs,
config,
lib,
assets,
...
}:
{ pkgs, config, lib, assets, ... }:
with lib;
with types;
{

View file

@ -843,8 +843,7 @@
"retiolum": "retiolum",
"srvos": "srvos",
"stylix": "stylix",
"taskshell": "taskshell",
"treefmt-nix": "treefmt-nix_3"
"taskshell": "taskshell"
}
},
"sops-nix": {
@ -1030,26 +1029,6 @@
"repo": "treefmt-nix",
"type": "github"
}
},
"treefmt-nix_3": {
"inputs": {
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1724833132,
"narHash": "sha256-F4djBvyNRAXGusJiNYInqR6zIMI3rvlp6WiKwsRISos=",
"owner": "numtide",
"repo": "treefmt-nix",
"rev": "3ffd842a5f50f435d3e603312eefa4790db46af5",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "treefmt-nix",
"type": "github"
}
}
},
"root": "root",

129
flake.nix
View file

@ -58,11 +58,6 @@
srvos.url = "github:nix-community/srvos";
treefmt-nix = {
url = "github:numtide/treefmt-nix";
inputs.nixpkgs.follows = "nixpkgs";
};
landingpage = {
#url = "git+file:///home/palo/dev/landingpage";
url = "github:mrVanDalo/landingpage";
@ -96,30 +91,28 @@
};
outputs =
inputs@{
self,
clan-core,
clan-fact-generators,
flake-parts,
home-manager,
home-manager-utils,
kmonad,
landingpage,
nixos-anywhere,
nixos-hardware,
nixpkgs,
nixpkgs-legacy_2211,
nixpkgs-legacy_2311,
nixpkgs-legacy_2405,
nixpkgs-unstable-small,
permown,
polygon-art,
private_assets,
retiolum,
srvos,
stylix,
taskshell,
treefmt-nix,
inputs@{ self
, clan-core
, clan-fact-generators
, flake-parts
, home-manager
, home-manager-utils
, kmonad
, landingpage
, nixos-anywhere
, nixos-hardware
, nixpkgs
, nixpkgs-legacy_2211
, nixpkgs-legacy_2311
, nixpkgs-legacy_2405
, nixpkgs-unstable-small
, permown
, polygon-art
, private_assets
, retiolum
, srvos
, stylix
, taskshell
}:
let
@ -172,10 +165,7 @@
inherit inputs;
assets = ./assets;
factsGenerator = clan-fact-generators.lib { inherit pkgs; };
clanLib = import ./lib/clanlib.nix {
inherit (pkgs) lib;
machineDir = ./machines;
};
clanLib = import ./lib/clanlib.nix { inherit (pkgs) lib; machineDir = ./machines; };
zerotierDeviceName = "ztbn67ogn2";
components = ./components;
features = ./features;
@ -183,36 +173,30 @@
};
clanSetup =
{
name,
host,
modules,
}:
{
{ name
, host
, modules
}: {
clan.core.networking.targetHost = lib.mkDefault "root@${host}";
nixpkgs.pkgs = meta.pkgs;
nixpkgs.hostPlatform = meta.system;
clan.core.facts.secretStore = "password-store";
imports =
modules
++ defaultModules
++ [
imports = modules ++ defaultModules ++ [
./machines/${name}/configuration.nix
];
};
zerotierControllerModule = {
zerotierControllerModule =
{
clan.core.networking.zerotier.controller = {
enable = true;
public = false;
};
};
zerotierModules =
{ pkgs, ... }:
{
zerotierModules = { pkgs, ... }: {
imports = [
# this magically adds all my machines in the zero tier network
@ -247,9 +231,7 @@
_module.args.inputs = self.inputs;
}
# ssh keys
(
{ config, ... }:
{
({ config, ... }: {
users.users.root.openssh.authorizedKeys.keyFiles = [
# master key
./assets/mrvandalo_rsa.pub
@ -257,8 +239,7 @@
"${config.clan.core.clanDir}/machines/chungus/facts/ssh.syncoid.id_ed25519.pub"
"${config.clan.core.clanDir}/machines/chungus/facts/ssh.rbackup.id_ed25519.pub"
];
}
)
})
{
# disable emergency mode everywhere, although it might be needed on laptops
boot.initrd.systemd.emergencyAccess = false;
@ -269,20 +250,11 @@
systemd.enableEmergencyMode = false;
}
# configure nix
(
{
pkgs,
lib,
clanLib,
...
}:
({ pkgs, lib, clanLib, ... }:
{
nix.settings.substituters = [ "http://cache.orbi.wg0" ];
nix.settings.trusted-public-keys = [ (clanLib.readFact "nix-serve.pub" "orbi") ];
nix.settings.experimental-features = [
"nix-command"
"flakes"
];
nix.settings.experimental-features = [ "nix-command" "flakes" ];
nix.settings.max-jobs = 1;
# no channesl needed this way
nix.nixPath = [ "nixpkgs=${pkgs.path}" ];
@ -310,8 +282,7 @@
boot.loader.systemd-boot.configurationLimit = lib.mkDefault 10;
boot.loader.generic-extlinux-compatible.configurationLimit = lib.mkDefault 10;
boot.loader.grub.configurationLimit = lib.mkDefault 10;
}
)
})
# My Structure
./components
./features
@ -322,20 +293,15 @@
permown.nixosModules.permown
kmonad.nixosModules.default
# some default things I always want
(
{ pkgs, ... }:
{
({ pkgs, ... }: {
boot.tmp.useTmpfs = lib.mkDefault true;
environment.systemPackages = [
pkgs.nixpkgs-fmt
];
}
)
})
];
stylixModules =
{ pkgs, config, ... }:
{
stylixModules = { pkgs, config, ... }: {
imports = [ stylix.nixosModules.stylix ];
stylix.enable = true;
stylix.base16Scheme = "${pkgs.base16-schemes}/share/themes/gruvbox-light-medium.yaml";
@ -361,9 +327,7 @@
};
};
homeManagerModules =
{ pkgs, config, ... }:
{
homeManagerModules = { pkgs, config, ... }: {
imports = [
home-manager.nixosModules.home-manager
];
@ -381,9 +345,7 @@
in
flake-parts.lib.mkFlake { inherit inputs; } (
{ self, pkgs, ... }:
{
flake-parts.lib.mkFlake { inherit inputs; } ({ self, pkgs, ... }: {
# We define our own systems below. you can still use this to add system specific outputs to your flake.
# See: https://flake.parts/getting-started
systems = [ "x86_64-linux" ];
@ -391,12 +353,9 @@
# import clan-core modules
imports = [
clan-core.flakeModules.default
./nix/formatter.nix
];
perSystem =
{ pkgs, ... }:
{
perSystem = { pkgs, ... }: {
packages.pkl = pkgs.callPackage ./pkgs/pkl { };
};
@ -537,7 +496,7 @@
};
}
);
});
}

View file

@ -1,9 +1,4 @@
{
pkgs,
config,
lib,
...
}:
{ pkgs, config, lib, ... }:
with lib;
{
programs.oh-my-posh = {

View file

@ -86,9 +86,7 @@
},
{
"background": "#427B58",
"background_templates": [
"{{ if gt .Code 0 }}#9D0006{{ end }}"
],
"background_templates": ["{{ if gt .Code 0 }}#9D0006{{ end }}"],
"foreground": "#EBDBB2",
"leading_diamond": "<transparent,background>\ue0b0</>",
"properties": {

View file

@ -13,13 +13,9 @@
},
{
"background": "#fbf1c7",
"background_templates": [
"{{ if .Root }}#af3a03{{ end }}"
],
"background_templates": ["{{ if .Root }}#af3a03{{ end }}"],
"foreground": "#282828",
"foreground_templates": [
"{{ if .Root }}#fbf1c7{{ end }}"
],
"foreground_templates": ["{{ if .Root }}#fbf1c7{{ end }}"],
"powerline_symbol": "\ue0b0",
"style": "powerline",
"template": " {{ if .SSHSession }} {{ end }}{{ .HostName }} ",

View file

@ -1,9 +1,4 @@
{
config,
pkgs,
lib,
...
}:
{ config, pkgs, lib, ... }:
with pkgs;
with lib;
{
@ -46,6 +41,7 @@ with lib;
}
(mkIf config.gui.enable {
home.packages = [
libreoffice

View file

@ -1,9 +1,4 @@
{
lib,
pkgs,
assets,
...
}:
{ lib, pkgs, assets, ... }:
{
programs.zsh = {

View file

@ -1,9 +1,4 @@
{
config,
pkgs,
lib,
...
}:
{ config, pkgs, lib, ... }:
with pkgs;
with lib;
{

View file

@ -1,5 +1,4 @@
{ pkgs, ... }:
{
{ pkgs, ... }: {
imports = [
../common

View file

@ -1,9 +1,4 @@
{
config,
pkgs,
lib,
...
}:
{ config, pkgs, lib, ... }:
with lib;
{
config = mkMerge [

View file

@ -10,15 +10,7 @@ with pkgs;
key = "42AC51C9482D0834CF488AF1389EC2D64AC71EAC";
signByDefault = true;
};
ignores = [
"*.swp"
"*~"
".idea"
".*penis.*"
"result"
".envrc"
".direnv"
];
ignores = [ "*.swp" "*~" ".idea" ".*penis.*" "result" ".envrc" ".direnv" ];
extraConfig = {
init.defaultBranch = "main";
pull.ff = "only";
@ -27,6 +19,7 @@ with pkgs;
difftastic.enable = true;
};
home.packages = [
pre-commit
gita

View file

@ -12,7 +12,8 @@
keyserver = "keyserver.ubuntu.com";
personal-digest-preferences = "SHA512";
cert-digest-algo = "SHA512";
default-preference-list = "SHA512 SHA384 SHA256 SHA224 AES256 AES192 AES CAST5 ZLIB BZIP2 ZIP Uncompressed";
default-preference-list =
"SHA512 SHA384 SHA256 SHA224 AES256 AES192 AES CAST5 ZLIB BZIP2 ZIP Uncompressed";
};
};

View file

@ -1,9 +1,4 @@
{
pkgs,
lib,
config,
...
}:
{ pkgs, lib, config, ... }:
with lib;
{

View file

@ -1,9 +1,4 @@
{
lib,
pkgs,
config,
...
}:
{ lib, pkgs, config, ... }:
with lib;
{
@ -36,5 +31,6 @@ with lib;
};
};
};
}

View file

@ -158,3 +158,4 @@
'';
}

View file

@ -1,20 +1,8 @@
{
config,
lib,
pkgs,
osConfig,
...
}:
{ config, lib, pkgs, osConfig, ... }:
with lib;
let
rofi = pkgs.rofi.override {
plugins = [
pkgs.rofi-emoji
pkgs.rofi-calc
pkgs.xdotool
];
};
rofi = pkgs.rofi.override { plugins = [ pkgs.rofi-emoji pkgs.rofi-calc pkgs.xdotool ]; };
backgroundCommand = pkgs.writers.writeDash "background" ''
${pkgs.xorg.xrandr}/bin/xrandr | grep " connected" | grep "primary" | \
@ -152,25 +140,21 @@ in
focus = {
followMouse = true;
};
colors.focused = with config.lib.stylix.colors.withHashtag; {
colors.focused =
with config.lib.stylix.colors.withHashtag;
{
# stylix color overrides
border = lib.mkForce base08;
background = lib.mkForce base0A;
text = lib.mkForce base00;
};
startup = [
startup =
[
#{ command = "${pkgs.jellyfin-mpv-shim}/bin/jellyfin-mpv-shim"; always = false; }
{ command = "${pkgs.networkmanagerapplet}/bin/nm-applet --indicator"; always = true; }
{ command = toString backgroundCommand; always = true; }
{
command = "${pkgs.networkmanagerapplet}/bin/nm-applet --indicator";
always = true;
}
{
command = toString backgroundCommand;
always = true;
}
{
command = toString (
pkgs.writers.writeDash "xsettings" ''
command = toString (pkgs.writers.writeDash "xsettings" ''
# to allow sudo commands to access X
${pkgs.xorg.xhost}/bin/xhost +
# no shitty pcspkr crap
@ -178,15 +162,13 @@ in
# no sleeping monitor
${pkgs.xorg.xset}/bin/xset -dpms
${pkgs.xorg.xset}/bin/xset s off
''
);
'');
always = true;
}
];
bars = [
(
config.lib.stylix.i3.bar
// {
(config.lib.stylix.i3.bar //
{
#mode = "hide";
hiddenState = "hide";
position = "top";

View file

@ -1,9 +1,4 @@
{
pkgs,
lib,
config,
...
}:
{ pkgs, lib, config, ... }:
with pkgs;
with lib;
{
@ -34,18 +29,15 @@ with lib;
jetbrains.pycharm-professional
# planing
(
(ganttproject-bin.override {
((ganttproject-bin.override {
jre = pkgs.openjdk11;
}).overrideAttrs
(old: {
}).overrideAttrs (old: {
version = "3.1.3100";
src = pkgs.fetchzip {
url = "https://dl.ganttproject.biz/ganttproject-3.1.3100/ganttproject-3.1.3100.zip";
sha256 = "sha256-hw2paak0P670/kemiuqYHIaN0uUtkVKy+AX2X7OdnJ4=";
};
})
)
}))
# Pkl
# ---
@ -109,8 +101,7 @@ with lib;
{
home.packages =
let
pandocScript =
{ inputFormat, outputFormat }:
pandocScript = { inputFormat, outputFormat }:
pkgs.writers.writeDashBin "pandoc-from-${inputFormat}-to-${outputFormat}" ''
${pkgs.pandoc}/bin/pandoc \
--from ${inputFormat} \
@ -144,26 +135,10 @@ with lib;
${pkgs.less}/bin/less
'')
]
++ (map pandocScript (
lib.cartesianProduct {
inputFormat = [
"man"
"markdown"
"mediawiki"
"asciidoc"
];
outputFormat = [
"mediawiki"
"docbook5"
"html5"
"man"
"jira"
"markdown"
"asciidoc"
];
}
));
] ++ (map pandocScript (lib.cartesianProduct {
inputFormat = [ "man" "markdown" "mediawiki" "asciidoc" ];
outputFormat = [ "mediawiki" "docbook5" "html5" "man" "jira" "markdown" "asciidoc" ];
}));
}
];

View file

@ -1,9 +1,4 @@
{
config,
lib,
pkgs,
...
}:
{ config, lib, pkgs, ... }:
with pkgs;
with lib;
{

View file

@ -1,9 +1,4 @@
{
config,
lib,
pkgs,
...
}:
{ config, lib, pkgs, ... }:
with pkgs;
with lib;
{

View file

@ -1,9 +1,4 @@
{
pkgs,
lib,
config,
...
}:
{ pkgs, lib, config, ... }:
with pkgs;
with lib;
{

View file

@ -1,16 +1,10 @@
{
config,
lib,
pkgs,
...
}:
{ config, lib, pkgs, ... }:
with pkgs;
with lib;
let
nextcloud-client = pkgs.legacy_2311.nextcloud-client;
nextcloudSync =
folder:
nextcloudSync = folder:
let
password = "$( ${pkgs.pass}/bin/pass show home/nextcloud/palo/nextcloudcmd-token )";
user = "palo";
@ -22,7 +16,8 @@ let
"https://${user}:${password}@nextcloud.ingolf-wagner.de"
'';
borrow = pkgs.writers.writeDashBin "borrow" ''
borrow = pkgs.writers.writeDashBin "borrow"
''
${getExe hledger-ui} \
--all \
--theme=terminal \

View file

@ -1,9 +1,4 @@
{
config,
lib,
pkgs,
...
}:
{ config, lib, pkgs, ... }:
with pkgs;
with lib;
{
@ -13,6 +8,7 @@ with lib;
# ¯\_(ツ)_/¯
home.packages = [
nixos-shell
# bluetooth gui

View file

@ -1,9 +1,4 @@
{
config,
lib,
pkgs,
...
}:
{ config, lib, pkgs, ... }:
with pkgs;
with lib;
{

View file

@ -1,9 +1,4 @@
{
pkgs,
lib,
config,
...
}:
{ pkgs, lib, config, ... }:
{
home.packages = [ pkgs.sshuttle ];

View file

@ -1,40 +1,21 @@
{
config,
pkgs,
lib,
...
}:
{ config, pkgs, lib, ... }:
with lib;
with types;
let
mkMagicMergeOption =
{
description ? "",
example ? { },
default ? { },
apply ? id,
...
}:
mkMagicMergeOption = { description ? "", example ? { }, default ? { }, apply ? id, ... }:
mkOption {
inherit
example
description
default
apply
;
type =
with lib.types;
inherit example description default apply;
type = with lib.types;
let
valueType =
nullOr (oneOf [
valueType = nullOr
(oneOf [
bool
int
float
str
(attrsOf valueType)
(listOf valueType)
])
// {
]) // {
description = "bool, int, float or str";
emptyValue.value = { };
};
@ -42,6 +23,7 @@ let
valueType;
};
taskwarrior-tui = pkgs.legacy_2311.taskwarrior-tui;
in
@ -49,8 +31,7 @@ in
{
# bugwarrior (a bit fiddly)
imports = [
{
imports = [{
options.bugwarrior.config = mkMagicMergeOption {
type = attrs;
@ -58,9 +39,7 @@ in
};
config = {
home.file.".config/bugwarrior/bugwarrior.toml".source =
(pkgs.formats.toml { }).generate "bugwarriorrc.toml"
config.bugwarrior.config;
home.file.".config/bugwarrior/bugwarrior.toml".source = (pkgs.formats.toml { }).generate "bugwarriorrc.toml" config.bugwarrior.config;
# todo : before deleting this, put it in logseq
home.packages = [
@ -82,12 +61,12 @@ in
];
};
}
];
}];
config = mkIf config.gui.enable {
home.packages = with pkgs; [
home.packages = with pkgs;
[
taskwarrior
taskwarrior-tui

View file

@ -1,9 +1,4 @@
{
config,
lib,
pkgs,
...
}:
{ config, lib, pkgs, ... }:
with pkgs;
with lib;
{
@ -11,14 +6,10 @@ with lib;
home.packages = [
logseq
];
home.file.".config/Logseq/Preferences".source =
(pkgs.formats.json { }).generate "LogseqPreferences.json"
home.file.".config/Logseq/Preferences".source = (pkgs.formats.json { }).generate "LogseqPreferences.json"
{
spellcheck = {
dictionaries = [
"en-US"
"de-DE"
];
dictionaries = [ "en-US" "de-DE" ];
dictionary = "";
};
};

View file

@ -1,9 +1,4 @@
{
config,
lib,
pkgs,
...
}:
{ config, lib, pkgs, ... }:
with pkgs;
with lib;
{
@ -30,7 +25,10 @@ with lib;
pdfarranger
calibre
];
};
}

View file

@ -1,16 +1,11 @@
{
# cat ~/.ssh/id_rsa.pub
publicSshKey ? "",
# remote-install-get-hiddenReceiver
hiddenReceiver ? "",
publicSshKey ? ""
, # remote-install-get-hiddenReceiver
hiddenReceiver ? ""
,
}:
{
config,
lib,
pkgs,
...
}:
{
{ config, lib, pkgs, ... }: {
imports = [
{
@ -18,9 +13,7 @@
networking.hostName = "liveos";
users.extraUsers = {
root = {
openssh.authorizedKeys.keys = [ publicSshKey ];
};
root = { openssh.authorizedKeys.keys = [ publicSshKey ]; };
};
}
{
@ -111,20 +104,15 @@
client.enable = true;
relay.onionServices.hidden-ssh = {
version = 3;
map = [
{
map = [{
port = 22;
target.port = 22;
}
];
}];
};
};
systemd.services.hidden-ssh-announce = {
description = "irc announce hidden ssh";
after = [
"tor.service"
"network-online.target"
];
after = [ "tor.service" "network-online.target" ];
wants = [ "tor.service" ];
wantedBy = [ "multi-user.target" ];
serviceConfig = {

View file

@ -1,13 +1,9 @@
{
config,
lib,
pkgs,
...
}:
{ config, lib, pkgs, ... }:
{
imports = [
imports =
[
# Include the results of the hardware scan.
./hardware-configuration.nix
@ -46,9 +42,7 @@
services.openssh.enable = true;
users.users.root.openssh.authorizedKeys.keys = [
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC6uza62+Go9sBFs3XZE2OkugBv9PJ7Yv8ebCskE5WYPcahMZIKkQw+zkGI8EGzOPJhQEv2xk+XBf2VOzj0Fto4nh8X5+Llb1nM+YxQPk1SVlwbNAlhh24L1w2vKtBtMy277MF4EP+caGceYP6gki5+DzlPUSdFSAEFFWgN1WPkiyUii15Xi3QuCMR8F18dbwVUYbT11vwNhdiAXWphrQG+yPguALBGR+21JM6fffOln3BhoDUp2poVc5Qe2EBuUbRUV3/fOU4HwWVKZ7KCFvLZBSVFutXCj5HuNWJ5T3RuuxJSmY5lYuFZx9gD+n+DAEJt30iXWcaJlmUqQB5awcB1S2d9pJ141V4vjiCMKUJHIdspFrI23rFNYD9k2ZXDA8VOnQE33BzmgF9xOVh6qr4G0oEpsNqJoKybVTUeSyl4+ifzdQANouvySgLJV/pcqaxX1srSDIUlcM2vDMWAs3ryCa0aAlmAVZIHgRhh6wa+IXW8gIYt+5biPWUuihJ4zGBEwkyVXXf2xsecMWCAGPWPDL0/fBfY9krNfC5M2sqxey2ShFIq+R/wMdaI7yVjUCF2QIUNiIdFbJL6bDrDyHnEXJJN+rAo23jUoTZZRv7Jq3DB/A5H7a73VCcblZyUmwMSlpg3wos7pdw5Ctta3zQPoxoAKGS1uZ+yTeZbPMmdbw== contact@ingolf-wagner.de"
];
users.users.root.openssh.authorizedKeys.keys = [ "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC6uza62+Go9sBFs3XZE2OkugBv9PJ7Yv8ebCskE5WYPcahMZIKkQw+zkGI8EGzOPJhQEv2xk+XBf2VOzj0Fto4nh8X5+Llb1nM+YxQPk1SVlwbNAlhh24L1w2vKtBtMy277MF4EP+caGceYP6gki5+DzlPUSdFSAEFFWgN1WPkiyUii15Xi3QuCMR8F18dbwVUYbT11vwNhdiAXWphrQG+yPguALBGR+21JM6fffOln3BhoDUp2poVc5Qe2EBuUbRUV3/fOU4HwWVKZ7KCFvLZBSVFutXCj5HuNWJ5T3RuuxJSmY5lYuFZx9gD+n+DAEJt30iXWcaJlmUqQB5awcB1S2d9pJ141V4vjiCMKUJHIdspFrI23rFNYD9k2ZXDA8VOnQE33BzmgF9xOVh6qr4G0oEpsNqJoKybVTUeSyl4+ifzdQANouvySgLJV/pcqaxX1srSDIUlcM2vDMWAs3ryCa0aAlmAVZIHgRhh6wa+IXW8gIYt+5biPWUuihJ4zGBEwkyVXXf2xsecMWCAGPWPDL0/fBfY9krNfC5M2sqxey2ShFIq+R/wMdaI7yVjUCF2QIUNiIdFbJL6bDrDyHnEXJJN+rAo23jUoTZZRv7Jq3DB/A5H7a73VCcblZyUmwMSlpg3wos7pdw5Ctta3zQPoxoAKGS1uZ+yTeZbPMmdbw== contact@ingolf-wagner.de" ];
# This value determines the NixOS release from which the default
# settings for stateful data, like file locations and database versions
@ -58,4 +52,5 @@
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
system.stateVersion = "22.11"; # Did you read the comment?
}

View file

@ -4,7 +4,8 @@ let
remote-access = import ../lib/remote-access.nix {
# cat ~/.ssh/id_rsa.pub
publicSshKey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC6uza62+Go9sBFs3XZE2OkugBv9PJ7Yv8ebCskE5WYPcahMZIKkQw+zkGI8EGzOPJhQEv2xk+XBf2VOzj0Fto4nh8X5+Llb1nM+YxQPk1SVlwbNAlhh24L1w2vKtBtMy277MF4EP+caGceYP6gki5+DzlPUSdFSAEFFWgN1WPkiyUii15Xi3QuCMR8F18dbwVUYbT11vwNhdiAXWphrQG+yPguALBGR+21JM6fffOln3BhoDUp2poVc5Qe2EBuUbRUV3/fOU4HwWVKZ7KCFvLZBSVFutXCj5HuNWJ5T3RuuxJSmY5lYuFZx9gD+n+DAEJt30iXWcaJlmUqQB5awcB1S2d9pJ141V4vjiCMKUJHIdspFrI23rFNYD9k2ZXDA8VOnQE33BzmgF9xOVh6qr4G0oEpsNqJoKybVTUeSyl4+ifzdQANouvySgLJV/pcqaxX1srSDIUlcM2vDMWAs3ryCa0aAlmAVZIHgRhh6wa+IXW8gIYt+5biPWUuihJ4zGBEwkyVXXf2xsecMWCAGPWPDL0/fBfY9krNfC5M2sqxey2ShFIq+R/wMdaI7yVjUCF2QIUNiIdFbJL6bDrDyHnEXJJN+rAo23jUoTZZRv7Jq3DB/A5H7a73VCcblZyUmwMSlpg3wos7pdw5Ctta3zQPoxoAKGS1uZ+yTeZbPMmdbw==";
publicSshKey =
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC6uza62+Go9sBFs3XZE2OkugBv9PJ7Yv8ebCskE5WYPcahMZIKkQw+zkGI8EGzOPJhQEv2xk+XBf2VOzj0Fto4nh8X5+Llb1nM+YxQPk1SVlwbNAlhh24L1w2vKtBtMy277MF4EP+caGceYP6gki5+DzlPUSdFSAEFFWgN1WPkiyUii15Xi3QuCMR8F18dbwVUYbT11vwNhdiAXWphrQG+yPguALBGR+21JM6fffOln3BhoDUp2poVc5Qe2EBuUbRUV3/fOU4HwWVKZ7KCFvLZBSVFutXCj5HuNWJ5T3RuuxJSmY5lYuFZx9gD+n+DAEJt30iXWcaJlmUqQB5awcB1S2d9pJ141V4vjiCMKUJHIdspFrI23rFNYD9k2ZXDA8VOnQE33BzmgF9xOVh6qr4G0oEpsNqJoKybVTUeSyl4+ifzdQANouvySgLJV/pcqaxX1srSDIUlcM2vDMWAs3ryCa0aAlmAVZIHgRhh6wa+IXW8gIYt+5biPWUuihJ4zGBEwkyVXXf2xsecMWCAGPWPDL0/fBfY9krNfC5M2sqxey2ShFIq+R/wMdaI7yVjUCF2QIUNiIdFbJL6bDrDyHnEXJJN+rAo23jUoTZZRv7Jq3DB/A5H7a73VCcblZyUmwMSlpg3wos7pdw5Ctta3zQPoxoAKGS1uZ+yTeZbPMmdbw==";
# remote-install-get-hiddenReceiver
hiddenReceiver = "";

View file

@ -1,22 +1,10 @@
{
pkgs,
lib,
config,
...
}:
{
users.users.mainUser.extraGroups = [
"audio"
"pipewire"
];
{ pkgs, lib, config, ... }: {
users.users.mainUser.extraGroups = [ "audio" "pipewire" ];
hardware.pulseaudio = {
enable = true;
package = pkgs.pulseaudioFull;
};
environment.systemPackages = with pkgs; [
alsaUtils
pavucontrol
];
environment.systemPackages = with pkgs; [ alsaUtils pavucontrol ];
}

View file

@ -1,15 +1,6 @@
{
pkgs,
lib,
config,
...
}:
{
{ pkgs, lib, config, ... }: {
imports = [
./x11.nix
./audio.nix
];
imports = [ ./x11.nix ./audio.nix ];
#networking.networkmanager.enable = true;
#networking.wireless.enable = false;

View file

@ -1,10 +1,4 @@
{
pkgs,
config,
lib,
...
}:
{
{ pkgs, config, lib, ... }: {
services.xserver = {
enable = true;
@ -50,11 +44,6 @@
# Packages
# --------
environment.systemPackages = with pkgs; [
flameshot
pavucontrol
mumble
vlc
];
environment.systemPackages = with pkgs; [ flameshot pavucontrol mumble vlc ];
}

View file

@ -1,19 +1,17 @@
{
config,
lib,
pkgs,
...
}:
{ config, lib, pkgs, ... }:
{
imports = [
imports =
[
# Include the results of the hardware scan.
./hardware-configuration.nix
];
networking.hostName = "nixos";
# grub configuraton
# -----------------
boot.loader.grub.enable = true;
@ -43,9 +41,7 @@
services.openssh.enable = true;
users.users.root.openssh.authorizedKeys.keys = [
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC6uza62+Go9sBFs3XZE2OkugBv9PJ7Yv8ebCskE5WYPcahMZIKkQw+zkGI8EGzOPJhQEv2xk+XBf2VOzj0Fto4nh8X5+Llb1nM+YxQPk1SVlwbNAlhh24L1w2vKtBtMy277MF4EP+caGceYP6gki5+DzlPUSdFSAEFFWgN1WPkiyUii15Xi3QuCMR8F18dbwVUYbT11vwNhdiAXWphrQG+yPguALBGR+21JM6fffOln3BhoDUp2poVc5Qe2EBuUbRUV3/fOU4HwWVKZ7KCFvLZBSVFutXCj5HuNWJ5T3RuuxJSmY5lYuFZx9gD+n+DAEJt30iXWcaJlmUqQB5awcB1S2d9pJ141V4vjiCMKUJHIdspFrI23rFNYD9k2ZXDA8VOnQE33BzmgF9xOVh6qr4G0oEpsNqJoKybVTUeSyl4+ifzdQANouvySgLJV/pcqaxX1srSDIUlcM2vDMWAs3ryCa0aAlmAVZIHgRhh6wa+IXW8gIYt+5biPWUuihJ4zGBEwkyVXXf2xsecMWCAGPWPDL0/fBfY9krNfC5M2sqxey2ShFIq+R/wMdaI7yVjUCF2QIUNiIdFbJL6bDrDyHnEXJJN+rAo23jUoTZZRv7Jq3DB/A5H7a73VCcblZyUmwMSlpg3wos7pdw5Ctta3zQPoxoAKGS1uZ+yTeZbPMmdbw== contact@ingolf-wagner.de"
];
users.users.root.openssh.authorizedKeys.keys = [ "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC6uza62+Go9sBFs3XZE2OkugBv9PJ7Yv8ebCskE5WYPcahMZIKkQw+zkGI8EGzOPJhQEv2xk+XBf2VOzj0Fto4nh8X5+Llb1nM+YxQPk1SVlwbNAlhh24L1w2vKtBtMy277MF4EP+caGceYP6gki5+DzlPUSdFSAEFFWgN1WPkiyUii15Xi3QuCMR8F18dbwVUYbT11vwNhdiAXWphrQG+yPguALBGR+21JM6fffOln3BhoDUp2poVc5Qe2EBuUbRUV3/fOU4HwWVKZ7KCFvLZBSVFutXCj5HuNWJ5T3RuuxJSmY5lYuFZx9gD+n+DAEJt30iXWcaJlmUqQB5awcB1S2d9pJ141V4vjiCMKUJHIdspFrI23rFNYD9k2ZXDA8VOnQE33BzmgF9xOVh6qr4G0oEpsNqJoKybVTUeSyl4+ifzdQANouvySgLJV/pcqaxX1srSDIUlcM2vDMWAs3ryCa0aAlmAVZIHgRhh6wa+IXW8gIYt+5biPWUuihJ4zGBEwkyVXXf2xsecMWCAGPWPDL0/fBfY9krNfC5M2sqxey2ShFIq+R/wMdaI7yVjUCF2QIUNiIdFbJL6bDrDyHnEXJJN+rAo23jUoTZZRv7Jq3DB/A5H7a73VCcblZyUmwMSlpg3wos7pdw5Ctta3zQPoxoAKGS1uZ+yTeZbPMmdbw== contact@ingolf-wagner.de" ];
# This value determines the NixOS release from which the default
# settings for stateful data, like file locations and database versions
@ -55,4 +51,5 @@
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
system.stateVersion = "22.11"; # Did you read the comment?
}

View file

@ -8,7 +8,8 @@ let
plainTextPassword = "";
};
remote-access = import ../lib/remote-access.nix {
publicSshKey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC6uza62+Go9sBFs3XZE2OkugBv9PJ7Yv8ebCskE5WYPcahMZIKkQw+zkGI8EGzOPJhQEv2xk+XBf2VOzj0Fto4nh8X5+Llb1nM+YxQPk1SVlwbNAlhh24L1w2vKtBtMy277MF4EP+caGceYP6gki5+DzlPUSdFSAEFFWgN1WPkiyUii15Xi3QuCMR8F18dbwVUYbT11vwNhdiAXWphrQG+yPguALBGR+21JM6fffOln3BhoDUp2poVc5Qe2EBuUbRUV3/fOU4HwWVKZ7KCFvLZBSVFutXCj5HuNWJ5T3RuuxJSmY5lYuFZx9gD+n+DAEJt30iXWcaJlmUqQB5awcB1S2d9pJ141V4vjiCMKUJHIdspFrI23rFNYD9k2ZXDA8VOnQE33BzmgF9xOVh6qr4G0oEpsNqJoKybVTUeSyl4+ifzdQANouvySgLJV/pcqaxX1srSDIUlcM2vDMWAs3ryCa0aAlmAVZIHgRhh6wa+IXW8gIYt+5biPWUuihJ4zGBEwkyVXXf2xsecMWCAGPWPDL0/fBfY9krNfC5M2sqxey2ShFIq+R/wMdaI7yVjUCF2QIUNiIdFbJL6bDrDyHnEXJJN+rAo23jUoTZZRv7Jq3DB/A5H7a73VCcblZyUmwMSlpg3wos7pdw5Ctta3zQPoxoAKGS1uZ+yTeZbPMmdbw==";
publicSshKey =
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC6uza62+Go9sBFs3XZE2OkugBv9PJ7Yv8ebCskE5WYPcahMZIKkQw+zkGI8EGzOPJhQEv2xk+XBf2VOzj0Fto4nh8X5+Llb1nM+YxQPk1SVlwbNAlhh24L1w2vKtBtMy277MF4EP+caGceYP6gki5+DzlPUSdFSAEFFWgN1WPkiyUii15Xi3QuCMR8F18dbwVUYbT11vwNhdiAXWphrQG+yPguALBGR+21JM6fffOln3BhoDUp2poVc5Qe2EBuUbRUV3/fOU4HwWVKZ7KCFvLZBSVFutXCj5HuNWJ5T3RuuxJSmY5lYuFZx9gD+n+DAEJt30iXWcaJlmUqQB5awcB1S2d9pJ141V4vjiCMKUJHIdspFrI23rFNYD9k2ZXDA8VOnQE33BzmgF9xOVh6qr4G0oEpsNqJoKybVTUeSyl4+ifzdQANouvySgLJV/pcqaxX1srSDIUlcM2vDMWAs3ryCa0aAlmAVZIHgRhh6wa+IXW8gIYt+5biPWUuihJ4zGBEwkyVXXf2xsecMWCAGPWPDL0/fBfY9krNfC5M2sqxey2ShFIq+R/wMdaI7yVjUCF2QIUNiIdFbJL6bDrDyHnEXJJN+rAo23jUoTZZRv7Jq3DB/A5H7a73VCcblZyUmwMSlpg3wos7pdw5Ctta3zQPoxoAKGS1uZ+yTeZbPMmdbw==";
hiddenReceiver = "";
};
in
@ -16,10 +17,7 @@ in
imports = [ remote-access ];
environment.systemPackages = [
pkgs.chntpw
pkgs.ntfs3g
];
environment.systemPackages = [ pkgs.chntpw pkgs.ntfs3g ];
networking.dhcpcd.enable = true;
networking.wireless = {

View file

@ -12,7 +12,8 @@ let
sha256 = "0rzy06a5xgfjpaklxdgrxml24d0vhk78lb577l3z4x7a2p32dbyq";
};
buildInputs = [ pkgs.pandoc ];
installPhase = "pandoc --highlight-style pygments -s --toc README.md -o $out";
installPhase =
"pandoc --highlight-style pygments -s --toc README.md -o $out";
};
in
{

View file

@ -3,14 +3,17 @@ let
allMachineNames = lib.mapAttrsToList (name: _: name) (builtins.readDir machineDir);
getFactPath = fact: machine: "${machineDir}/${machine}/facts/${fact}";
getFactPath = fact: machine:
"${machineDir}/${machine}/facts/${fact}";
readFact =
fact: machine:
readFact = fact: machine:
let
path = getFactPath fact machine;
in
if builtins.pathExists path then builtins.readFile path else null;
if builtins.pathExists path then
builtins.readFile path
else
null;
# Example:
#
@ -19,8 +22,7 @@ let
# machineA = "1.2.3.4";
# machineB = "5.6.7.8";
# };
readFactFromAllMachines =
fact:
readFactFromAllMachines = fact:
let
machines = allMachineNames;
facts = lib.genAttrs machines (readFact fact);
@ -45,27 +47,18 @@ let
# "synching.pub" = "23456719";
# };
# };
readFactsFromAllMachines =
facts:
readFactsFromAllMachines = facts:
let
# machine -> fact -> factvalue
machinesFactsAttrs = lib.genAttrs allMachineNames (
machine: lib.genAttrs facts (fact: readFact fact machine)
);
machinesFactsAttrs = lib.genAttrs allMachineNames (machine: lib.genAttrs facts (fact: readFact fact machine));
# remove all machines which don't have all facts set
filteredMachineFactAttrs = lib.filterAttrs (
_machine: values: builtins.all (fact: values.${fact} != null) facts
) machinesFactsAttrs;
filteredMachineFactAttrs =
lib.filterAttrs (_machine: values: builtins.all (fact: values.${fact} != null) facts)
machinesFactsAttrs;
in
filteredMachineFactAttrs;
in
{
inherit
allMachineNames
getFactPath
readFact
readFactFromAllMachines
readFactsFromAllMachines
;
}
{ inherit allMachineNames getFactPath readFact readFactFromAllMachines readFactsFromAllMachines; }

View file

@ -1,9 +1,4 @@
{
config,
lib,
pkgs,
...
}:
{ config, lib, pkgs, ... }:
let
interface = "wlp170s0";
in

View file

@ -1,9 +1,4 @@
{
config,
pkgs,
lib,
...
}:
{ config, pkgs, lib, ... }:
{
imports = [
@ -42,6 +37,7 @@
# (promptKey "pushover.user_key") //
# (promptKey "pushover.api_key");
components.virtualisation.enable = true;
components.gui.enable = true;
@ -56,13 +52,11 @@
components.monitor.opentelemetry.exporter.endpoint = "10.100.0.1:4317"; # orbi
#components.monitor.opentelemetry.exporter.debug = "logs";
home-manager.users.mainUser.home.sessionPath = [ "$HOME/.timewarrior/scripts" ];
home-manager.users.mainUser.bugwarrior.config = {
general = {
targets = [
"terranix"
"my_github"
];
targets = [ "terranix" "my_github" ];
log_level = "INFO";
static_fields = [ "priority" ];
merge_annotations = false;
@ -90,15 +84,12 @@
add_tags = "github";
include_user_issues = true;
include_user_repos = true;
exclude_repos = [
"azubi"
"csv-to-qif"
"stepp0r"
];
exclude_repos = [ "azubi" "csv-to-qif" "stepp0r" ];
};
# todo : add github issues
};
users.users.mainUser.extraGroups = [ "pipewire" ];
services.nginx.enable = true;

View file

@ -1,9 +1,4 @@
{
lib,
config,
factsGenerator,
...
}:
{ lib, config, factsGenerator, ... }:
{
imports = [
./disko-config.nix
@ -29,4 +24,6 @@
ACTION=="add|change", KERNEL=="sd[a-z]*[0-9]*|mmcblk[0-9]*p[0-9]*|nvme[0-9]*n[0-9]*p[0-9]*", ENV{ID_FS_TYPE}=="zfs_member", ATTR{../queue/scheduler}="none"
'';
}

View file

@ -70,3 +70,4 @@
};
}

View file

@ -14,8 +14,6 @@
hardware.graphics.enable32Bit = true;
hardware.graphics.extraPackages32 = with pkgs.pkgsi686Linux; [ intel-vaapi-driver ];
environment.sessionVariables = {
LIBVA_DRIVER_NAME = "i965";
}; # Optionally, set the environment variable
environment.sessionVariables = { LIBVA_DRIVER_NAME = "i965"; }; # Optionally, set the environment variable
}

View file

@ -1,26 +1,15 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{
config,
lib,
pkgs,
modulesPath,
...
}:
{ config, lib, pkgs, modulesPath, ... }:
{
imports = [
imports =
[
(modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = [
"xhci_pci"
"thunderbolt"
"nvme"
"usb_storage"
"sd_mod"
];
boot.initrd.availableKernelModules = [ "xhci_pci" "thunderbolt" "nvme" "usb_storage" "sd_mod" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = [ ];

View file

@ -7,10 +7,8 @@
networking.retiolum.nodename = "cherry";
services.tinc.networks.retiolum = {
ed25519PrivateKeyFile =
config.clan.core.facts.services.tinc_retiolum.secret."tinc.retiolum.ed25519_key.priv".path;
rsaPrivateKeyFile =
config.clan.core.facts.services.tinc_retiolum.secret."tinc.retiolum.rsa_key.priv".path;
ed25519PrivateKeyFile = config.clan.core.facts.services.tinc_retiolum.secret."tinc.retiolum.ed25519_key.priv".path;
rsaPrivateKeyFile = config.clan.core.facts.services.tinc_retiolum.secret."tinc.retiolum.rsa_key.priv".path;
};
#fileSystems."/retiolum/sicily" = {

View file

@ -1,9 +1,4 @@
{
config,
factsGenerator,
clanLib,
...
}:
{ config, factsGenerator, clanLib, ... }:
{
networking.firewall.allowedUDPPorts = [ 51820 ];
clan.core.facts.services.wireguard = factsGenerator.wireguard { name = "wg0"; };

View file

@ -14,14 +14,10 @@
};
home-manager.users.root.home.packages = [
(pkgs.writers.writeBashBin "wg1-up" ''
${pkgs.wireguard-tools}/bin/wg-quick up ${
config.clan.core.facts.services.wg1.secret."wg1.conf".path
}
${pkgs.wireguard-tools}/bin/wg-quick up ${config.clan.core.facts.services.wg1.secret."wg1.conf".path}
'')
(pkgs.writers.writeBashBin "wg1-down" ''
${pkgs.wireguard-tools}/bin/wg-quick down ${
config.clan.core.facts.services.wg1.secret."wg1.conf".path
}
${pkgs.wireguard-tools}/bin/wg-quick down ${config.clan.core.facts.services.wg1.secret."wg1.conf".path}
'')
];
}

Some files were not shown because too many files have changed in this diff Show more