Compare commits
No commits in common. "7a6510a4e65d6c3b5e0bc788e2f340612d288872" and "2bc86a4912a72188f1c1d9535d799570c6676155" have entirely different histories.
7a6510a4e6
...
2bc86a4912
200 changed files with 2080 additions and 3450 deletions
|
@ -1,15 +1,18 @@
|
|||
name: Build all NixOS Configurations
|
||||
|
||||
on:
|
||||
push:
|
||||
branches:
|
||||
- "**"
|
||||
schedule:
|
||||
- cron: "30 2/6 * * *" # not to frequent, GitHub only allows a few pulls per hour
|
||||
|
||||
jobs:
|
||||
nix build:
|
||||
runs-on: native
|
||||
steps:
|
||||
- uses: actions/checkout@v4
|
||||
|
||||
- name: update nix flakes
|
||||
if: ${{ github.event_name == 'schedule' }}
|
||||
# we need to use our ssh key here because we need access to private flakes
|
||||
|
@ -27,6 +30,7 @@ jobs:
|
|||
echo $SSH_AGENT_PID
|
||||
kill $SSH_AGENT_PID
|
||||
rm .ssh_key
|
||||
|
||||
- name: nix flake archive/check
|
||||
# we need to use our ssh key here because we need access to private flakes
|
||||
run: |
|
||||
|
@ -44,16 +48,22 @@ jobs:
|
|||
echo $SSH_AGENT_PID
|
||||
kill $SSH_AGENT_PID
|
||||
rm .ssh_key
|
||||
|
||||
- name: nix build orbi
|
||||
run: nix build .#nixosConfigurations.orbi.config.system.build.toplevel
|
||||
|
||||
- name: nix build cream
|
||||
run: nix build .#nixosConfigurations.cream.config.system.build.toplevel
|
||||
|
||||
- name: nix build cherry
|
||||
run: nix build .#nixosConfigurations.cherry.config.system.build.toplevel
|
||||
|
||||
- name: nix build chungus
|
||||
run: nix build .#nixosConfigurations.chungus.config.system.build.toplevel
|
||||
|
||||
- name: nix build usbstick
|
||||
run: nix build .#nixosConfigurations.usbstick.config.system.build.toplevel
|
||||
|
||||
- name: commit & push
|
||||
if: ${{ github.event_name == 'schedule' }}
|
||||
# only if all nix builds are fine we update our branch
|
||||
|
|
|
@ -1,9 +1,4 @@
|
|||
{
|
||||
config,
|
||||
lib,
|
||||
pkgs,
|
||||
...
|
||||
}:
|
||||
{ config, lib, pkgs, ... }:
|
||||
with lib;
|
||||
{
|
||||
|
||||
|
|
|
@ -14,4 +14,5 @@
|
|||
./yubikey.nix
|
||||
];
|
||||
|
||||
|
||||
}
|
||||
|
|
|
@ -1,10 +1,5 @@
|
|||
# TODO test `alsactl init` after suspend to reinit mic
|
||||
{
|
||||
pkgs,
|
||||
config,
|
||||
lib,
|
||||
...
|
||||
}:
|
||||
{ pkgs, config, lib, ... }:
|
||||
with lib;
|
||||
{
|
||||
options.components.gui.audio.enable = mkOption {
|
||||
|
|
|
@ -1,9 +1,4 @@
|
|||
{
|
||||
pkgs,
|
||||
lib,
|
||||
config,
|
||||
...
|
||||
}:
|
||||
{ pkgs, lib, config, ... }:
|
||||
with lib;
|
||||
{
|
||||
options.components.gui = {
|
||||
|
|
|
@ -1,9 +1,4 @@
|
|||
{
|
||||
pkgs,
|
||||
lib,
|
||||
config,
|
||||
...
|
||||
}:
|
||||
{ pkgs, lib, config, ... }:
|
||||
with lib;
|
||||
{
|
||||
|
||||
|
|
|
@ -1,9 +1,4 @@
|
|||
{
|
||||
config,
|
||||
pkgs,
|
||||
lib,
|
||||
...
|
||||
}:
|
||||
{ config, pkgs, lib, ... }:
|
||||
{
|
||||
|
||||
options.components.gui.kmonad.enable = lib.mkOption {
|
||||
|
@ -84,21 +79,9 @@
|
|||
|
||||
in
|
||||
{
|
||||
nativ = keyboard "/dev/input/by-path/platform-i8042-serio-0-event-kbd" [
|
||||
"lctl"
|
||||
"lmet"
|
||||
"lalt"
|
||||
];
|
||||
dasKeyboard = keyboard "/dev/input/by-id/usb-Metadot_-_Das_Keyboard_Das_Keyboard-event-kbd" [
|
||||
"lctl"
|
||||
"lmet"
|
||||
"lalt"
|
||||
];
|
||||
uhk = keyboard "/dev/input/by-id/usb-Ultimate_Gadget_Laboratories_UHK_60_v2-event-kbd" [
|
||||
"lctl"
|
||||
"lmet"
|
||||
"lalt"
|
||||
];
|
||||
nativ = keyboard "/dev/input/by-path/platform-i8042-serio-0-event-kbd" [ "lctl" "lmet" "lalt" ];
|
||||
dasKeyboard = keyboard "/dev/input/by-id/usb-Metadot_-_Das_Keyboard_Das_Keyboard-event-kbd" [ "lctl" "lmet" "lalt" ];
|
||||
uhk = keyboard "/dev/input/by-id/usb-Ultimate_Gadget_Laboratories_UHK_60_v2-event-kbd" [ "lctl" "lmet" "lalt" ];
|
||||
};
|
||||
};
|
||||
};
|
||||
|
|
|
@ -1,11 +1,6 @@
|
|||
# notify me when a command is finished
|
||||
# todo : secret managment is shit
|
||||
{
|
||||
config,
|
||||
pkgs,
|
||||
lib,
|
||||
...
|
||||
}:
|
||||
{ config, pkgs, lib, ... }:
|
||||
with lib;
|
||||
{
|
||||
options.components.gui.noti.enable = mkOption {
|
||||
|
|
|
@ -1,17 +1,11 @@
|
|||
{
|
||||
pkgs,
|
||||
config,
|
||||
lib,
|
||||
...
|
||||
}:
|
||||
{ pkgs, config, lib, ... }:
|
||||
with lib;
|
||||
let
|
||||
|
||||
# desktop file
|
||||
# ------------
|
||||
# makes it possible to be used by other programs
|
||||
desktopFile =
|
||||
name: bin:
|
||||
desktopFile = name: bin:
|
||||
pkgs.writeTextFile {
|
||||
name = "${name}.desktop";
|
||||
destination = "/share/applications/${name}.desktop";
|
||||
|
@ -40,9 +34,7 @@ in
|
|||
environment.systemPackages = [
|
||||
(pkgs.pass.withExtensions (ext: [ ext.pass-otp ]))
|
||||
# todo : use upstream desktop file creator
|
||||
(desktopFile "passmenu" "${
|
||||
pkgs.pass.withExtensions (ext: [ ext.pass-otp ])
|
||||
}/bin/passmenu --type -l 10")
|
||||
(desktopFile "passmenu" "${pkgs.pass.withExtensions (ext: [ext.pass-otp])}/bin/passmenu --type -l 10")
|
||||
|
||||
pkgs.otpmenu
|
||||
|
||||
|
|
|
@ -1,9 +1,4 @@
|
|||
{
|
||||
config,
|
||||
pkgs,
|
||||
lib,
|
||||
...
|
||||
}:
|
||||
{ config, pkgs, lib, ... }:
|
||||
with lib;
|
||||
{
|
||||
options.components.gui.steam.enable = mkOption {
|
||||
|
@ -27,12 +22,7 @@ with lib;
|
|||
isSystemUser = true;
|
||||
home = "/home/steam";
|
||||
createHome = true;
|
||||
extraGroups = [
|
||||
"audio"
|
||||
"input"
|
||||
"video"
|
||||
"pipewire"
|
||||
];
|
||||
extraGroups = [ "audio" "input" "video" "pipewire" ];
|
||||
group = "steam";
|
||||
shell = pkgs.bashInteractive;
|
||||
};
|
||||
|
|
|
@ -1,9 +1,4 @@
|
|||
{
|
||||
pkgs,
|
||||
config,
|
||||
lib,
|
||||
...
|
||||
}:
|
||||
{ pkgs, config, lib, ... }:
|
||||
with lib;
|
||||
{
|
||||
options.components.gui.suspend.enable = mkOption {
|
||||
|
@ -18,11 +13,13 @@ with lib;
|
|||
requiredBy = [ "sleep.target" ];
|
||||
environment =
|
||||
let
|
||||
display = if (config.services.xserver.display != null) then config.services.xserver.display else 0;
|
||||
display =
|
||||
if (config.services.xserver.display != null) then
|
||||
config.services.xserver.display
|
||||
else
|
||||
0;
|
||||
in
|
||||
{
|
||||
DISPLAY = ":${toString display}";
|
||||
};
|
||||
{ DISPLAY = ":${toString display}"; };
|
||||
script = ''
|
||||
${pkgs.xlockmore}/bin/xlock -mode life1d -size 1 &
|
||||
sleep 1
|
||||
|
|
|
@ -1,9 +1,4 @@
|
|||
{
|
||||
config,
|
||||
pkgs,
|
||||
lib,
|
||||
...
|
||||
}:
|
||||
{ config, pkgs, lib, ... }:
|
||||
with lib;
|
||||
{
|
||||
options.components.gui.vscode.enable = mkOption {
|
||||
|
|
|
@ -1,9 +1,4 @@
|
|||
{
|
||||
config,
|
||||
pkgs,
|
||||
lib,
|
||||
...
|
||||
}:
|
||||
{ config, pkgs, lib, ... }:
|
||||
with lib;
|
||||
{
|
||||
|
||||
|
|
|
@ -1,9 +1,4 @@
|
|||
{
|
||||
config,
|
||||
pkgs,
|
||||
lib,
|
||||
...
|
||||
}:
|
||||
{ config, pkgs, lib, ... }:
|
||||
with lib;
|
||||
{
|
||||
|
||||
|
@ -83,3 +78,4 @@ with lib;
|
|||
|
||||
};
|
||||
}
|
||||
|
||||
|
|
|
@ -1,9 +1,4 @@
|
|||
{
|
||||
lib,
|
||||
pkgs,
|
||||
config,
|
||||
...
|
||||
}:
|
||||
{ lib, pkgs, config, ... }:
|
||||
with lib;
|
||||
let
|
||||
|
||||
|
|
|
@ -1,9 +1,4 @@
|
|||
{
|
||||
config,
|
||||
pkgs,
|
||||
lib,
|
||||
...
|
||||
}:
|
||||
{ config, pkgs, lib, ... }:
|
||||
with lib;
|
||||
with types;
|
||||
let
|
||||
|
@ -11,10 +6,15 @@ let
|
|||
cfg = config.components.mainUser;
|
||||
|
||||
# todo : use optionalList
|
||||
dockerGroup = if (config.virtualisation.docker.enable) then [ "docker" ] else [ ];
|
||||
dockerGroup =
|
||||
if (config.virtualisation.docker.enable) then [ "docker" ] else [ ];
|
||||
|
||||
# todo : use optionalList
|
||||
vboxGroup = if (config.virtualisation.virtualbox.host.enable) then [ "vboxusers" ] else [ ];
|
||||
vboxGroup =
|
||||
if (config.virtualisation.virtualbox.host.enable) then
|
||||
[ "vboxusers" ]
|
||||
else
|
||||
[ ];
|
||||
|
||||
in
|
||||
{
|
||||
|
@ -73,16 +73,8 @@ in
|
|||
uid = cfg.uid;
|
||||
home = "/home/${cfg.userName}";
|
||||
initialPassword = cfg.userName;
|
||||
extraGroups = [
|
||||
"wheel"
|
||||
"networkmanager"
|
||||
"transmission"
|
||||
"wireshark"
|
||||
"audio"
|
||||
"pipewire"
|
||||
"input"
|
||||
"dialout"
|
||||
] ++ dockerGroup ++ vboxGroup ++ cfg.extraGroups;
|
||||
extraGroups = [ "wheel" "networkmanager" "transmission" "wireshark" "audio" "pipewire" "input" "dialout" ]
|
||||
++ dockerGroup ++ vboxGroup ++ cfg.extraGroups;
|
||||
openssh.authorizedKeys.keyFiles = cfg.authorizedKeyFiles;
|
||||
group = config.users.groups.mainUser.name;
|
||||
};
|
||||
|
|
|
@ -4,12 +4,7 @@
|
|||
# * connect via mixxx to it.
|
||||
# * add the podcast to mpd in the same network
|
||||
# --------------------------------------------------
|
||||
{
|
||||
pkgs,
|
||||
config,
|
||||
lib,
|
||||
...
|
||||
}:
|
||||
{ pkgs, config, lib, ... }:
|
||||
with lib;
|
||||
|
||||
let
|
||||
|
|
|
@ -1,9 +1,4 @@
|
|||
{
|
||||
pkgs,
|
||||
config,
|
||||
lib,
|
||||
...
|
||||
}:
|
||||
{ pkgs, config, lib, ... }:
|
||||
with lib;
|
||||
{
|
||||
|
||||
|
|
|
@ -1,14 +1,10 @@
|
|||
{
|
||||
config,
|
||||
pkgs,
|
||||
lib,
|
||||
...
|
||||
}:
|
||||
{ config, pkgs, lib, ... }:
|
||||
|
||||
with lib;
|
||||
|
||||
let
|
||||
obs-cmd = pkgs.rustPlatform.buildRustPackage rec {
|
||||
obs-cmd = pkgs.rustPlatform.buildRustPackage
|
||||
rec {
|
||||
pname = "obs-cmd";
|
||||
version = "v0.15.2";
|
||||
src = pkgs.fetchFromGitHub {
|
||||
|
@ -57,12 +53,7 @@ let
|
|||
name = "screen-keys";
|
||||
paths =
|
||||
let
|
||||
screenKeyScript =
|
||||
{
|
||||
position ? "bottom",
|
||||
size ? "small",
|
||||
...
|
||||
}:
|
||||
screenKeyScript = { position ? "bottom", size ? "small", ... }:
|
||||
pkgs.writeShellScriptBin "screenkeys-${position}-${size}" # sh
|
||||
''
|
||||
${pkgs.screenkey}/bin/screenkey \
|
||||
|
@ -74,29 +65,15 @@ let
|
|||
"$@"
|
||||
'';
|
||||
in
|
||||
lib.flatten (
|
||||
lib.flip map
|
||||
[
|
||||
"large"
|
||||
"small"
|
||||
"medium"
|
||||
]
|
||||
(
|
||||
size:
|
||||
lib.flip map [
|
||||
"top"
|
||||
"center"
|
||||
"bottom"
|
||||
] (position: screenKeyScript { inherit size position; })
|
||||
)
|
||||
);
|
||||
lib.flatten (lib.flip map [ "large" "small" "medium" ] (size:
|
||||
lib.flip map [ "top" "center" "bottom" ]
|
||||
(position: screenKeyScript { inherit size position; })));
|
||||
};
|
||||
|
||||
|
||||
mpvReview =
|
||||
let
|
||||
moveToDir =
|
||||
key: dir:
|
||||
pkgs.writeText "move-with-${key}.lua" ''
|
||||
moveToDir = key: dir: pkgs.writeText "move-with-${key}.lua" ''
|
||||
tmp_dir = "${dir}"
|
||||
|
||||
function move_current_track_${key}()
|
||||
|
@ -133,6 +110,7 @@ in
|
|||
|
||||
config = mkIf (config.components.media.video.enable) {
|
||||
|
||||
|
||||
home-manager.sharedModules = [
|
||||
{
|
||||
programs.obs-studio = {
|
||||
|
@ -145,6 +123,7 @@ in
|
|||
}
|
||||
];
|
||||
|
||||
|
||||
boot.kernelModules = [ "v4l2loopback" ];
|
||||
boot.extraModulePackages = [ pkgs.linuxPackages.v4l2loopback ];
|
||||
|
||||
|
@ -158,6 +137,7 @@ in
|
|||
alphaSafe
|
||||
sanitizeFolder
|
||||
|
||||
|
||||
# obs studio stuff
|
||||
obs-cli
|
||||
v4l-utils
|
||||
|
@ -174,6 +154,8 @@ in
|
|||
handbrake
|
||||
ffmpeg-full
|
||||
|
||||
|
||||
];
|
||||
};
|
||||
}
|
||||
|
||||
|
|
|
@ -49,15 +49,7 @@ in
|
|||
_end = ''{{ end }}'';
|
||||
elseblock = index: replacement: "${_elseif index}${_replace index replacement}";
|
||||
ifblock = index: replacement: "${_if index}${_replace index replacement}";
|
||||
createTemplateLine =
|
||||
list:
|
||||
"${
|
||||
concatStrings (
|
||||
imap0 (
|
||||
index: replacement: if index == 0 then ifblock index replacement else elseblock index replacement
|
||||
) list
|
||||
)
|
||||
}${_end}";
|
||||
createTemplateLine = list: "${concatStrings (imap0 (index: replacement: if index == 0 then ifblock index replacement else elseblock index replacement) list)}${_end}";
|
||||
in
|
||||
[
|
||||
{
|
||||
|
@ -125,7 +117,8 @@ in
|
|||
}
|
||||
{
|
||||
# Map facility to human readable
|
||||
template = {
|
||||
template =
|
||||
{
|
||||
source = "facility_label";
|
||||
template = createTemplateLine [
|
||||
"kern" # Kernel messages
|
||||
|
|
|
@ -1,9 +1,4 @@
|
|||
{
|
||||
pkgs,
|
||||
config,
|
||||
lib,
|
||||
...
|
||||
}:
|
||||
{ pkgs, config, lib, ... }:
|
||||
with lib;
|
||||
with types;
|
||||
{
|
||||
|
@ -23,11 +18,9 @@ with types;
|
|||
{
|
||||
job_name = "zfs";
|
||||
scrape_interval = "10s";
|
||||
static_configs = [
|
||||
{
|
||||
static_configs = [{
|
||||
targets = [ "127.0.0.1:${toString config.services.prometheus.exporters.zfs.port}" ];
|
||||
}
|
||||
];
|
||||
}];
|
||||
}
|
||||
];
|
||||
service.pipelines.metrics.receivers = [ "prometheus" ];
|
||||
|
|
|
@ -1,9 +1,4 @@
|
|||
{
|
||||
lib,
|
||||
pkgs,
|
||||
config,
|
||||
...
|
||||
}:
|
||||
{ lib, pkgs, config, ... }:
|
||||
with lib;
|
||||
with types;
|
||||
{
|
||||
|
|
|
@ -1,9 +1,4 @@
|
|||
{
|
||||
config,
|
||||
pkgs,
|
||||
lib,
|
||||
...
|
||||
}:
|
||||
{ config, pkgs, lib, ... }:
|
||||
with lib;
|
||||
with types;
|
||||
let
|
||||
|
@ -29,9 +24,7 @@ in
|
|||
receivers.influxdb.endpoint = "127.0.0.1:${toString cfg.influxDBPort}";
|
||||
service.pipelines.metrics.receivers = [ "influxdb" ];
|
||||
};
|
||||
services.telegraf.extraConfig.outputs.influxdb_v2.urls = [
|
||||
"http://127.0.0.1:${toString cfg.influxDBPort}"
|
||||
];
|
||||
services.telegraf.extraConfig.outputs.influxdb_v2.urls = [ "http://127.0.0.1:${toString cfg.influxDBPort}" ];
|
||||
})
|
||||
|
||||
(mkIf config.components.monitor.telegraf.enable {
|
||||
|
|
|
@ -1,9 +1,4 @@
|
|||
{
|
||||
pkgs,
|
||||
config,
|
||||
lib,
|
||||
...
|
||||
}:
|
||||
{ pkgs, config, lib, ... }:
|
||||
with lib;
|
||||
with types;
|
||||
let
|
||||
|
@ -27,10 +22,7 @@ in
|
|||
description = "endpoint to ship opentelementry data too";
|
||||
};
|
||||
exporter.debug = mkOption {
|
||||
type = nullOr (enum [
|
||||
"logs"
|
||||
"metrics"
|
||||
]);
|
||||
type = nullOr (enum [ "logs" "metrics" ]);
|
||||
default = null;
|
||||
description = "enable debug exporter.";
|
||||
};
|
||||
|
@ -69,13 +61,11 @@ in
|
|||
include = ".*";
|
||||
match_type = "regexp";
|
||||
action = "update";
|
||||
operations = [
|
||||
{
|
||||
operations = [{
|
||||
action = "add_label";
|
||||
new_label = "machine";
|
||||
new_value = config.networking.hostName;
|
||||
}
|
||||
];
|
||||
}];
|
||||
}
|
||||
];
|
||||
};
|
||||
|
@ -95,6 +85,7 @@ in
|
|||
};
|
||||
})
|
||||
|
||||
|
||||
(mkIf (config.components.monitor.opentelemetry.exporter.debug != null) {
|
||||
services.opentelemetry-collector.settings = {
|
||||
exporters.debug = {
|
||||
|
@ -120,26 +111,24 @@ in
|
|||
})
|
||||
(mkIf
|
||||
(
|
||||
config.components.monitor.opentelemetry.exporter.endpoint != null
|
||||
&& config.components.monitor.logs.enable
|
||||
config.components.monitor.opentelemetry.exporter.endpoint != null &&
|
||||
config.components.monitor.logs.enable
|
||||
)
|
||||
{
|
||||
services.opentelemetry-collector.settings = {
|
||||
service.pipelines.logs.exporters = [ "otlp" ];
|
||||
};
|
||||
}
|
||||
)
|
||||
})
|
||||
(mkIf
|
||||
(
|
||||
config.components.monitor.opentelemetry.exporter.endpoint != null
|
||||
&& config.components.monitor.metrics.enable
|
||||
config.components.monitor.opentelemetry.exporter.endpoint != null &&
|
||||
config.components.monitor.metrics.enable
|
||||
)
|
||||
{
|
||||
services.opentelemetry-collector.settings = {
|
||||
service.pipelines.metrics.exporters = [ "otlp" ];
|
||||
};
|
||||
}
|
||||
)
|
||||
})
|
||||
|
||||
# ship from other instance
|
||||
(mkIf (config.components.monitor.opentelemetry.receiver.endpoint != null) {
|
||||
|
@ -149,26 +138,26 @@ in
|
|||
})
|
||||
(mkIf
|
||||
(
|
||||
config.components.monitor.opentelemetry.receiver.endpoint != null
|
||||
&& config.components.monitor.logs.enable
|
||||
config.components.monitor.opentelemetry.receiver.endpoint != null &&
|
||||
config.components.monitor.logs.enable
|
||||
)
|
||||
{
|
||||
services.opentelemetry-collector.settings = {
|
||||
service.pipelines.logs.receivers = [ "otlp" ];
|
||||
};
|
||||
}
|
||||
)
|
||||
})
|
||||
(mkIf
|
||||
(
|
||||
config.components.monitor.opentelemetry.receiver.endpoint != null
|
||||
&& config.components.monitor.metrics.enable
|
||||
config.components.monitor.opentelemetry.receiver.endpoint != null &&
|
||||
config.components.monitor.metrics.enable
|
||||
)
|
||||
{
|
||||
services.opentelemetry-collector.settings = {
|
||||
service.pipelines.metrics.receivers = [ "otlp" ];
|
||||
};
|
||||
}
|
||||
)
|
||||
})
|
||||
|
||||
|
||||
|
||||
# scrape opentelemetry-colectors metrics
|
||||
# todo: this should be collected another way (opentelemetry internal?)
|
||||
|
@ -180,11 +169,9 @@ in
|
|||
{
|
||||
job_name = "otelcol";
|
||||
scrape_interval = "10s";
|
||||
static_configs = [
|
||||
{
|
||||
static_configs = [{
|
||||
targets = [ cfg.metrics.endpoint ];
|
||||
}
|
||||
];
|
||||
}];
|
||||
metric_relabel_configs = [
|
||||
{
|
||||
source_labels = [ "__name__" ];
|
||||
|
|
|
@ -1,10 +1,4 @@
|
|||
{
|
||||
config,
|
||||
lib,
|
||||
pkgs,
|
||||
assets,
|
||||
...
|
||||
}:
|
||||
{ config, lib, pkgs, assets, ... }:
|
||||
with lib;
|
||||
{
|
||||
options.components.network.nginx.enable = mkOption {
|
||||
|
@ -22,13 +16,8 @@ with lib;
|
|||
|
||||
environment.systemPackages = [
|
||||
pkgs.nginx-config-formatter
|
||||
(pkgs.writers.writePython3Bin "nginx-show-config" {
|
||||
flakeIgnore = [
|
||||
"E265"
|
||||
"E225"
|
||||
"W292"
|
||||
];
|
||||
} (lib.fileContents "${assets}/nginx-show-config.py"))
|
||||
(pkgs.writers.writePython3Bin "nginx-show-config" { flakeIgnore = [ "E265" "E225" "W292" ]; }
|
||||
(lib.fileContents "${assets}/nginx-show-config.py"))
|
||||
];
|
||||
|
||||
security.acme.defaults.email = "contact@ingolf-wagner.de";
|
||||
|
@ -96,11 +85,7 @@ with lib;
|
|||
root = pkgs.landingpage.override {
|
||||
jsonConfig =
|
||||
let
|
||||
entry =
|
||||
{
|
||||
machine,
|
||||
items ? [ ],
|
||||
}:
|
||||
entry = { machine, items ? [ ] }:
|
||||
{
|
||||
text = machine;
|
||||
items = [
|
||||
|
@ -189,12 +174,14 @@ with lib;
|
|||
{
|
||||
label = "Hetzner Cloud";
|
||||
href = "https://console.hetzner.cloud/projects";
|
||||
image = "https://media.giphy.com/media/NECZ8crkbXR0k/giphy.gif";
|
||||
image =
|
||||
"https://media.giphy.com/media/NECZ8crkbXR0k/giphy.gif";
|
||||
}
|
||||
{
|
||||
label = "Cups";
|
||||
href = "http://localhost:631/";
|
||||
image = "https://media.giphy.com/media/7hU7x4GPurk2c/giphy.gif";
|
||||
image =
|
||||
"https://media.giphy.com/media/7hU7x4GPurk2c/giphy.gif";
|
||||
}
|
||||
];
|
||||
}
|
||||
|
@ -204,42 +191,52 @@ with lib;
|
|||
{
|
||||
label = "NixOS Manual";
|
||||
href = "https://nixos.org/nixos/manual/";
|
||||
image = "https://media.giphy.com/media/dsdVyKkSqccEzoPufX/giphy.gif";
|
||||
image =
|
||||
"https://media.giphy.com/media/dsdVyKkSqccEzoPufX/giphy.gif";
|
||||
}
|
||||
{
|
||||
label = "Nixpkgs Manual";
|
||||
href = "https://nixos.org/nixpkgs/manual/";
|
||||
image = "https://media.giphy.com/media/dsdVyKkSqccEzoPufX/giphy.gif";
|
||||
image =
|
||||
"https://media.giphy.com/media/dsdVyKkSqccEzoPufX/giphy.gif";
|
||||
}
|
||||
{
|
||||
label = "NixOS Reference";
|
||||
href = "https://storage.googleapis.com/files.tazj.in/nixdoc/manual.html#sec-functions-library";
|
||||
image = "https://media.giphy.com/media/LkjlH3rVETgsg/giphy.gif";
|
||||
href =
|
||||
"https://storage.googleapis.com/files.tazj.in/nixdoc/manual.html#sec-functions-library";
|
||||
image =
|
||||
"https://media.giphy.com/media/LkjlH3rVETgsg/giphy.gif";
|
||||
}
|
||||
{
|
||||
label = "Nix Packages";
|
||||
href = "https://nixos.org/nixos/packages.html";
|
||||
image = "https://media.giphy.com/media/l2YWlohvjPnsvkdEc/giphy.gif";
|
||||
image =
|
||||
"https://media.giphy.com/media/l2YWlohvjPnsvkdEc/giphy.gif";
|
||||
}
|
||||
{
|
||||
label = "NixOS Language specific helpers";
|
||||
href = "https://nixos.wiki/wiki/Language-specific_package_helpers";
|
||||
image = "https://media.giphy.com/media/LkjlH3rVETgsg/giphy.gif";
|
||||
href =
|
||||
"https://nixos.wiki/wiki/Language-specific_package_helpers";
|
||||
image =
|
||||
"https://media.giphy.com/media/LkjlH3rVETgsg/giphy.gif";
|
||||
}
|
||||
{
|
||||
label = "NixOS Weekly";
|
||||
href = "https://weekly.nixos.org/";
|
||||
image = "https://media.giphy.com/media/lXiRLb0xFzmreM8k8/giphy.gif";
|
||||
image =
|
||||
"https://media.giphy.com/media/lXiRLb0xFzmreM8k8/giphy.gif";
|
||||
}
|
||||
{
|
||||
label = "NixOS Security";
|
||||
href = "https://broken.sh/";
|
||||
image = "https://media.giphy.com/media/BqILAHjH1Ttm0/giphy.gif";
|
||||
image =
|
||||
"https://media.giphy.com/media/BqILAHjH1Ttm0/giphy.gif";
|
||||
}
|
||||
{
|
||||
label = "NixOS RFCs";
|
||||
href = "https://github.com/NixOS/rfcs/";
|
||||
image = "https://media.giphy.com/media/Uq9bGjGKg08M0/giphy.gif";
|
||||
image =
|
||||
"https://media.giphy.com/media/Uq9bGjGKg08M0/giphy.gif";
|
||||
}
|
||||
];
|
||||
}
|
||||
|
|
|
@ -1,10 +1,4 @@
|
|||
{
|
||||
pkgs,
|
||||
config,
|
||||
lib,
|
||||
assets,
|
||||
...
|
||||
}:
|
||||
{ pkgs, config, lib, assets, ... }:
|
||||
with lib;
|
||||
with types;
|
||||
let
|
||||
|
@ -12,7 +6,8 @@ let
|
|||
cfg = config.components.network.sshd;
|
||||
|
||||
# maybe ascii-image-converter is also nice here
|
||||
sshBanner = pkgs.runCommand "ssh-banner" { nativeBuildInputs = [ pkgs.boxes ]; } ''
|
||||
sshBanner = pkgs.runCommand "ssh-banner"
|
||||
{ nativeBuildInputs = [ pkgs.boxes ]; } ''
|
||||
echo "${config.networking.hostName}" | boxes -d ansi -s 80x1 -a r > $out
|
||||
'';
|
||||
|
||||
|
|
|
@ -1,10 +1,4 @@
|
|||
{
|
||||
pkgs,
|
||||
config,
|
||||
lib,
|
||||
clanLib,
|
||||
...
|
||||
}:
|
||||
{ pkgs, config, lib, clanLib, ... }:
|
||||
with lib;
|
||||
let
|
||||
publicKey = clanLib.readFact "ssh.id_ed25519.pub";
|
||||
|
|
|
@ -1,9 +1,4 @@
|
|||
{
|
||||
pkgs,
|
||||
config,
|
||||
lib,
|
||||
...
|
||||
}:
|
||||
{ pkgs, config, lib, ... }:
|
||||
with lib;
|
||||
{
|
||||
config = mkIf (config.components.network.sshd.enable) {
|
||||
|
@ -33,66 +28,65 @@ with lib;
|
|||
};
|
||||
gitlab = {
|
||||
hostNames = [ "gitlab.com" ];
|
||||
publicKey = "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBFSMqzJeV9rUzU4kWitGjeR4PWSa29SPqJ1fVkhtj3Hw9xjLVXVYrU9QlYWrOLXBpQ6KWjbjTDTdDkoohFzgbEY=";
|
||||
publicKey =
|
||||
"ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBFSMqzJeV9rUzU4kWitGjeR4PWSa29SPqJ1fVkhtj3Hw9xjLVXVYrU9QlYWrOLXBpQ6KWjbjTDTdDkoohFzgbEY=";
|
||||
};
|
||||
gitlab-bk = {
|
||||
hostNames = [
|
||||
"gitlab.bk-bund-berlin.de"
|
||||
"116.203.133.59"
|
||||
];
|
||||
publicKey = "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBCG/sjnOlbrmpUliFtM5fmZTcm2wpUoP5OQEzFrrkkwhstCO9fMty9mp5qnKlezYA9+l78RTd218qFjSKYxTQNw=";
|
||||
hostNames = [ "gitlab.bk-bund-berlin.de" "116.203.133.59" ];
|
||||
publicKey =
|
||||
"ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBCG/sjnOlbrmpUliFtM5fmZTcm2wpUoP5OQEzFrrkkwhstCO9fMty9mp5qnKlezYA9+l78RTd218qFjSKYxTQNw=";
|
||||
};
|
||||
# space-left
|
||||
gitlabSpaceLeft = {
|
||||
hostNames = [ "git.space-left.org" ];
|
||||
publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAapztj8I3xy6Ea8A1q7Mo5C6zdgsK1bguAXcKUDCRBO";
|
||||
publicKey =
|
||||
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAapztj8I3xy6Ea8A1q7Mo5C6zdgsK1bguAXcKUDCRBO";
|
||||
};
|
||||
# c-base
|
||||
"bnd-cbase" = {
|
||||
hostNames = [ "bnd.cbrp3.c-base.org" ];
|
||||
publicKey = "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBKDknNl4M2WZChp1N/eRIpem2AEOceGIqvjo0ptBuwxUn0w0B8MGTVqoI+pnUVypORJRoNrLPOAkmEVr32BDN3E=";
|
||||
publicKey =
|
||||
"ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBKDknNl4M2WZChp1N/eRIpem2AEOceGIqvjo0ptBuwxUn0w0B8MGTVqoI+pnUVypORJRoNrLPOAkmEVr32BDN3E=";
|
||||
};
|
||||
"shell.cbase" = {
|
||||
hostNames = [ "shell.c-base.org" ];
|
||||
publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOBKBn0mZtG3KWxpFqqcog8zvdIVrZmwj+ARujuNIAfo";
|
||||
publicKey =
|
||||
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOBKBn0mZtG3KWxpFqqcog8zvdIVrZmwj+ARujuNIAfo";
|
||||
};
|
||||
"kgb.cbase" = {
|
||||
hostNames = [ "kgb.cbrp3.c-base.org" ];
|
||||
publicKey = "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBAdyl7fnnCqomghJ1TDbh5FWFQWFwoO1Y1U/FpmWd8a9RcQvN0Izhg/7A+7ptDxbmpVii8hqfghlqUwtvVy7jo8=";
|
||||
publicKey =
|
||||
"ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBAdyl7fnnCqomghJ1TDbh5FWFQWFwoO1Y1U/FpmWd8a9RcQvN0Izhg/7A+7ptDxbmpVii8hqfghlqUwtvVy7jo8=";
|
||||
};
|
||||
"cns.cbase" = {
|
||||
hostNames = [ "cns.c-base.org" ];
|
||||
publicKey = "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBOtlyLA2nMK9Uqpv4EbWS+rZ9Mx4bAjURmH+zrXkuRGBcU1cKm+TZfWe9/rPX57KaMPBDyIygOJIsM2T5SqX90A=";
|
||||
publicKey =
|
||||
"ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBOtlyLA2nMK9Uqpv4EbWS+rZ9Mx4bAjURmH+zrXkuRGBcU1cKm+TZfWe9/rPX57KaMPBDyIygOJIsM2T5SqX90A=";
|
||||
};
|
||||
"lassulus" = {
|
||||
hostNames = [ "[lassul.us]:45621" ];
|
||||
publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAsANFdMi825qWQXQbWLYuNZ6/fARt3lnh1KStQHQQMD";
|
||||
publicKey =
|
||||
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAsANFdMi825qWQXQbWLYuNZ6/fARt3lnh1KStQHQQMD";
|
||||
};
|
||||
renoise = {
|
||||
hostNames = [
|
||||
"*.renoise.com"
|
||||
"renoise.com"
|
||||
"94.130.128.97"
|
||||
];
|
||||
publicKey = "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBLXxhBlYQJxgcLqKywpl1tI1N/+B5bkptAnR2a3tsRybq0IHZnIkSRGUYcu5zPwJT+bitVw8BvIaGzxI+Zm2ivE=";
|
||||
hostNames = [ "*.renoise.com" "renoise.com" "94.130.128.97" ];
|
||||
publicKey =
|
||||
"ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBLXxhBlYQJxgcLqKywpl1tI1N/+B5bkptAnR2a3tsRybq0IHZnIkSRGUYcu5zPwJT+bitVw8BvIaGzxI+Zm2ivE=";
|
||||
};
|
||||
git-renoise = {
|
||||
hostNames = [
|
||||
"[git.renoise.com]:2229"
|
||||
"[94.130.128.97]:2229"
|
||||
];
|
||||
publicKey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCmIOTjQsD1TaD9MiECcRqwfAXfRdbI+2pkuF+zhBUkrX41NA4LzifPY4Iw3PlklE0YGIOzYyNitzkdgxIWkeqa0Y9iL3gGZBuLFORj5YXWlDKB2RrPAsZRL8y69y4H6RWPpL6DHHsf9eT+HgRzWzzn5nUFLfkCsuM96BqjIKN1pinIBcE6gst1UUSwSTjK8XZA5d4BiSrLF4HiNXnDm+qniYGbGkzZcjn1ua+l0GdGbfg9TotFnSK/QXgN3MeHHDZKnIjOIkOXCY+L5URe0RHo6pBFdj+BLr211AJhB52MrDNudQcY6eSQiJ08LeE6SkcrsQO/VZ/JnOkHxHd2mOyH";
|
||||
hostNames = [ "[git.renoise.com]:2229" "[94.130.128.97]:2229" ];
|
||||
publicKey =
|
||||
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCmIOTjQsD1TaD9MiECcRqwfAXfRdbI+2pkuF+zhBUkrX41NA4LzifPY4Iw3PlklE0YGIOzYyNitzkdgxIWkeqa0Y9iL3gGZBuLFORj5YXWlDKB2RrPAsZRL8y69y4H6RWPpL6DHHsf9eT+HgRzWzzn5nUFLfkCsuM96BqjIKN1pinIBcE6gst1UUSwSTjK8XZA5d4BiSrLF4HiNXnDm+qniYGbGkzZcjn1ua+l0GdGbfg9TotFnSK/QXgN3MeHHDZKnIjOIkOXCY+L5URe0RHo6pBFdj+BLr211AJhB52MrDNudQcY6eSQiJ08LeE6SkcrsQO/VZ/JnOkHxHd2mOyH";
|
||||
};
|
||||
"siteground" = {
|
||||
hostNames = [
|
||||
"[es5.siteground.eu]:18765"
|
||||
"[37.60.224.6]:18765"
|
||||
];
|
||||
publicKey = "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBHZuvHooyHa69rU+SfOghM6yfc7bce5cMi9sh5JkoLPi+m8QEkX3oiG9rRpAhp0GYnB74M4l1+0XlxmG7/HVmq0=";
|
||||
hostNames = [ "[es5.siteground.eu]:18765" "[37.60.224.6]:18765" ];
|
||||
publicKey =
|
||||
"ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBHZuvHooyHa69rU+SfOghM6yfc7bce5cMi9sh5JkoLPi+m8QEkX3oiG9rRpAhp0GYnB74M4l1+0XlxmG7/HVmq0=";
|
||||
};
|
||||
"cracksucht.de" = {
|
||||
hostNames = [ "cracksucht.de" ];
|
||||
publicKey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDVqpWzX+C7veO/1MDSdh5ukFhpI4cfXevbl6DVb9gVt1wdYB0JsiMiWfl13MZJy9iEP/KfwRLYmu8i36tDR9uJfHQyLK8G7q2DhrleIPgM3dFCdDU1QtulE8hEq/ZsqzMn/QIHYIipIqzNfmC/xnpX2gIo09T7EY+n863ALlj+GqxMb4nr2XDLY+Lllo2yMzylJIz9q8U5hOmzrlCnBpf2MPMwanHXnZXj2CmO80VyBHnAMJ/h72AN1qzDaHFlhxh0Li/POc1bpDjiVjiUPgimHZWpi3VObxWLLn2zf+RH2lx0yXMccSEnkWvHp+Ll5apIUUS+vTlDo3niWpEfGZLl root@debian";
|
||||
publicKey =
|
||||
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDVqpWzX+C7veO/1MDSdh5ukFhpI4cfXevbl6DVb9gVt1wdYB0JsiMiWfl13MZJy9iEP/KfwRLYmu8i36tDR9uJfHQyLK8G7q2DhrleIPgM3dFCdDU1QtulE8hEq/ZsqzMn/QIHYIipIqzNfmC/xnpX2gIo09T7EY+n863ALlj+GqxMb4nr2XDLY+Lllo2yMzylJIz9q8U5hOmzrlCnBpf2MPMwanHXnZXj2CmO80VyBHnAMJ/h72AN1qzDaHFlhxh0Li/POc1bpDjiVjiUPgimHZWpi3VObxWLLn2zf+RH2lx0yXMccSEnkWvHp+Ll5apIUUS+vTlDo3niWpEfGZLl root@debian";
|
||||
};
|
||||
};
|
||||
|
||||
|
|
|
@ -1,34 +1,34 @@
|
|||
{
|
||||
lib,
|
||||
config,
|
||||
clanLib,
|
||||
...
|
||||
}:
|
||||
{ lib, config, clanLib, ... }:
|
||||
with lib;
|
||||
with types;
|
||||
let
|
||||
machines = clanLib.allMachineNames;
|
||||
publicKey = clanLib.readFact "ssh.id_ed25519.pub";
|
||||
tld = config.clan.static-hosts.topLevelDomain;
|
||||
knownHosts = lib.genAttrs machines (machine: {
|
||||
knownHosts = lib.genAttrs machines
|
||||
(machine:
|
||||
{
|
||||
hostNames = [
|
||||
"${machine}"
|
||||
"${machine}.${tld}"
|
||||
"${machine}.private"
|
||||
];
|
||||
publicKey = publicKey machine;
|
||||
});
|
||||
}
|
||||
);
|
||||
bootMachines = clanLib.readFactFromAllMachines "ssh.boot.id_ed25519.pub";
|
||||
knownBootHosts = lib.mapAttrs' (
|
||||
machine: publicKey:
|
||||
nameValuePair "boot_${machine}" {
|
||||
knownBootHosts = lib.mapAttrs'
|
||||
(machine: publicKey: nameValuePair
|
||||
"boot_${machine}"
|
||||
{
|
||||
inherit publicKey;
|
||||
hostNames = [
|
||||
"[${machine}]:2222"
|
||||
"[${machine}.public]:2222"
|
||||
];
|
||||
}
|
||||
) bootMachines;
|
||||
)
|
||||
bootMachines;
|
||||
in
|
||||
{
|
||||
|
||||
|
|
|
@ -1,13 +1,5 @@
|
|||
{
|
||||
config,
|
||||
lib,
|
||||
pkgs,
|
||||
factsGenerator,
|
||||
clanLib,
|
||||
...
|
||||
}:
|
||||
with lib;
|
||||
{
|
||||
{ config, lib, pkgs, factsGenerator, clanLib, ... }:
|
||||
with lib; {
|
||||
|
||||
# networking.firewall.interfaces."gummybears".allowedTCPPorts = [ 8384 ];
|
||||
|
||||
|
@ -27,12 +19,7 @@ with lib;
|
|||
id = facts."syncthing.pub";
|
||||
addresses = [ "tcp://[${facts."zerotier-ip"}]:22000" ];
|
||||
})
|
||||
(
|
||||
clanLib.readFactsFromAllMachines [
|
||||
"syncthing.pub"
|
||||
"zerotier-ip"
|
||||
]
|
||||
);
|
||||
(clanLib.readFactsFromAllMachines [ "syncthing.pub" "zerotier-ip" ]);
|
||||
device = machine: id: {
|
||||
"${machine}" = {
|
||||
name = machine;
|
||||
|
@ -43,26 +30,20 @@ with lib;
|
|||
in
|
||||
clanMachines
|
||||
// (device "iPhone" "RPQBSRB-DYEUUWQ-EAPMBA2-PL4MJ73-Y4F4ZTH-TAD7DUE-GEK56BG-HYW6YAF")
|
||||
// (device "bumba" "JS7PWTO-VKFGBUP-GNFLSWP-MGFJ2KH-HLO2LKW-V3RPCR6-PCB5SQC-42FCKQZ");
|
||||
// (device "bumba" "JS7PWTO-VKFGBUP-GNFLSWP-MGFJ2KH-HLO2LKW-V3RPCR6-PCB5SQC-42FCKQZ")
|
||||
;
|
||||
|
||||
settings.folders = {
|
||||
|
||||
audiobooks = {
|
||||
enable = lib.mkDefault false;
|
||||
path = lib.mkDefault "/tmp/audiobooks";
|
||||
devices = [
|
||||
"chungus"
|
||||
"orbi"
|
||||
];
|
||||
devices = [ "chungus" "orbi" ];
|
||||
};
|
||||
books = {
|
||||
enable = lib.mkDefault false;
|
||||
path = lib.mkDefault "/tmp/books";
|
||||
devices = [
|
||||
"chungus"
|
||||
"cream"
|
||||
"cherry"
|
||||
];
|
||||
devices = [ "chungus" "cream" "cherry" ];
|
||||
versioning = {
|
||||
type = "simple";
|
||||
params.keep = "2";
|
||||
|
@ -71,20 +52,12 @@ with lib;
|
|||
desktop = {
|
||||
enable = lib.mkDefault false;
|
||||
path = lib.mkDefault "/tmp/desktop";
|
||||
devices = [
|
||||
"chungus"
|
||||
"cream"
|
||||
"cherry"
|
||||
];
|
||||
devices = [ "chungus" "cream" "cherry" ];
|
||||
};
|
||||
finance = {
|
||||
enable = lib.mkDefault false;
|
||||
path = lib.mkDefault "/tmp/finance";
|
||||
devices = [
|
||||
"chungus"
|
||||
"cream"
|
||||
"cherry"
|
||||
];
|
||||
devices = [ "chungus" "cream" "cherry" ];
|
||||
versioning = {
|
||||
type = "simple";
|
||||
params.keep = "10";
|
||||
|
@ -93,46 +66,27 @@ with lib;
|
|||
flix = {
|
||||
enable = lib.mkDefault false;
|
||||
path = lib.mkDefault "/tmp/flix";
|
||||
devices = [
|
||||
"chungus"
|
||||
"orbi"
|
||||
];
|
||||
devices = [ "chungus" "orbi" ];
|
||||
};
|
||||
logseq = {
|
||||
enable = lib.mkDefault false;
|
||||
path = lib.mkDefault "/tmp/logseq";
|
||||
devices = [
|
||||
"chungus"
|
||||
"cream"
|
||||
"cherry"
|
||||
"iPhone"
|
||||
];
|
||||
devices = [ "chungus" "cream" "cherry" "iPhone" ];
|
||||
};
|
||||
lectures = {
|
||||
enable = lib.mkDefault false;
|
||||
path = lib.mkDefault "/tmp/lectures";
|
||||
devices = [
|
||||
"chungus"
|
||||
"orbi"
|
||||
];
|
||||
devices = [ "chungus" "orbi" ];
|
||||
};
|
||||
oscar_cpap = {
|
||||
enable = lib.mkDefault false;
|
||||
path = lib.mkDefault "/tmp/oscar_cpap";
|
||||
devices = [
|
||||
"chungus"
|
||||
"cream"
|
||||
"cherry"
|
||||
];
|
||||
devices = [ "chungus" "cream" "cherry" ];
|
||||
};
|
||||
password-store = {
|
||||
enable = lib.mkDefault false;
|
||||
path = lib.mkDefault "/tmp/password-store";
|
||||
devices = [
|
||||
"chungus"
|
||||
"cream"
|
||||
"cherry"
|
||||
];
|
||||
devices = [ "chungus" "cream" "cherry" ];
|
||||
versioning = {
|
||||
type = "simple";
|
||||
params.keep = "10";
|
||||
|
@ -142,11 +96,7 @@ with lib;
|
|||
share = {
|
||||
enable = lib.mkDefault false;
|
||||
path = lib.mkDefault "/tmp/password-store";
|
||||
devices = [
|
||||
"cream"
|
||||
"cherry"
|
||||
"orbi"
|
||||
];
|
||||
devices = [ "cream" "cherry" "orbi" ];
|
||||
};
|
||||
};
|
||||
};
|
||||
|
|
|
@ -1,10 +1,4 @@
|
|||
{
|
||||
lib,
|
||||
config,
|
||||
factsGenerator,
|
||||
clanLib,
|
||||
...
|
||||
}:
|
||||
{ lib, config, factsGenerator, clanLib, ... }:
|
||||
with lib;
|
||||
{
|
||||
|
||||
|
@ -26,21 +20,18 @@ with lib;
|
|||
};
|
||||
|
||||
config = mkMerge [
|
||||
(mkIf config.tinc.private.enable (
|
||||
import ./private.nix {
|
||||
(mkIf config.tinc.private.enable (import ./private.nix {
|
||||
ipv4 = config.tinc.private.ipv4;
|
||||
ipv6 = null;
|
||||
inherit (lib) optionalString concatStringsSep mapAttrsToList;
|
||||
inherit config factsGenerator clanLib;
|
||||
}
|
||||
))
|
||||
(mkIf config.tinc.secret.enable (
|
||||
import ./secret.nix {
|
||||
}))
|
||||
(mkIf config.tinc.secret.enable (import ./secret.nix {
|
||||
ipv4 = config.tinc.secret.ipv4;
|
||||
ipv6 = null;
|
||||
inherit (lib) optionalString concatStringsSep mapAttrsToList;
|
||||
inherit config factsGenerator clanLib;
|
||||
}
|
||||
))
|
||||
}))
|
||||
];
|
||||
}
|
||||
|
||||
|
|
|
@ -1,13 +1,12 @@
|
|||
{
|
||||
ipv4,
|
||||
ipv6,
|
||||
config,
|
||||
optionalString,
|
||||
concatStringsSep,
|
||||
factsGenerator,
|
||||
mapAttrsToList,
|
||||
clanLib,
|
||||
...
|
||||
{ ipv4
|
||||
, ipv6
|
||||
, config
|
||||
, optionalString
|
||||
, concatStringsSep
|
||||
, factsGenerator
|
||||
, mapAttrsToList
|
||||
, clanLib
|
||||
, ...
|
||||
}:
|
||||
let
|
||||
hosts = {
|
||||
|
@ -52,8 +51,7 @@ in
|
|||
|
||||
services.tinc.networks = {
|
||||
${network} = {
|
||||
ed25519PrivateKeyFile =
|
||||
config.clan.core.facts.services.tinc_private.secret."tinc.private.ed25519_key.priv".path;
|
||||
ed25519PrivateKeyFile = config.clan.core.facts.services.tinc_private.secret."tinc.private.ed25519_key.priv".path;
|
||||
interfaceType = "tap";
|
||||
extraConfig = ''
|
||||
LocalDiscovery = yes
|
||||
|
@ -102,8 +100,6 @@ in
|
|||
LinkLocalAddressing = no
|
||||
'';
|
||||
|
||||
networking.extraHosts = concatStringsSep "\n" (
|
||||
mapAttrsToList (name: ip: "${ip} ${name}.${network}") (hosts // subDomains)
|
||||
);
|
||||
networking.extraHosts = concatStringsSep "\n" (mapAttrsToList (name: ip: "${ip} ${name}.${network}") (hosts // subDomains));
|
||||
|
||||
}
|
||||
|
|
|
@ -1,12 +1,11 @@
|
|||
{
|
||||
ipv4,
|
||||
ipv6,
|
||||
config,
|
||||
optionalString,
|
||||
concatStringsSep,
|
||||
mapAttrsToList,
|
||||
factsGenerator,
|
||||
...
|
||||
{ ipv4
|
||||
, ipv6
|
||||
, config
|
||||
, optionalString
|
||||
, concatStringsSep
|
||||
, mapAttrsToList
|
||||
, factsGenerator
|
||||
, ...
|
||||
}:
|
||||
let
|
||||
port = 721;
|
||||
|
@ -24,8 +23,7 @@ in
|
|||
|
||||
services.tinc.networks = {
|
||||
${network} = {
|
||||
ed25519PrivateKeyFile =
|
||||
config.clan.core.facts.services.tinc_secret.secret."tinc.secret.ed25519_key.priv".path;
|
||||
ed25519PrivateKeyFile = config.clan.core.facts.services.tinc_secret.secret."tinc.secret.ed25519_key.priv".path;
|
||||
extraConfig = ''
|
||||
LocalDiscovery = yes
|
||||
Port = ${toString port}
|
||||
|
@ -48,12 +46,7 @@ in
|
|||
settings.Ed25519PublicKey = "r6mRDc814z2YtyG9ev/XXV2SgquqWR8n53V13xNXb7O";
|
||||
};
|
||||
robi = {
|
||||
addresses = [
|
||||
{
|
||||
address = "144.76.13.147";
|
||||
port = port;
|
||||
}
|
||||
];
|
||||
addresses = [{ address = "144.76.13.147"; port = port; }];
|
||||
subnets = [{ address = hosts.robi; }];
|
||||
settings.Ed25519PublicKey = "bZUbSdME4fwudNVbUoNO7PpoOS2xALsyTs81F260KbL";
|
||||
};
|
||||
|
@ -75,37 +68,23 @@ in
|
|||
LinkLocalAddressing = no
|
||||
'';
|
||||
|
||||
networking.extraHosts = concatStringsSep "\n" (
|
||||
mapAttrsToList (name: ip: "${ip} ${name}.${network}") hosts
|
||||
);
|
||||
networking.extraHosts = concatStringsSep "\n" (mapAttrsToList (name: ip: "${ip} ${name}.${network}") hosts);
|
||||
|
||||
services.openssh.knownHosts = {
|
||||
"cream.${network}" = {
|
||||
hostNames = [
|
||||
"cream.${network}"
|
||||
hosts.cream
|
||||
];
|
||||
hostNames = [ "cream.${network}" hosts.cream ];
|
||||
publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIConHiCL7INgAhuN6Z9TqP0zP+xNpdV7+OHwUca4IRDD";
|
||||
};
|
||||
"sternchen.${network}" = {
|
||||
hostNames = [
|
||||
"sterni.${network}"
|
||||
hosts.sterni
|
||||
];
|
||||
hostNames = [ "sterni.${network}" hosts.sterni ];
|
||||
publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILriD/0+65L1mkbjKENwpvB3wUMXz/rEf9J8wuJjJa0q";
|
||||
};
|
||||
"sterni.${network}" = {
|
||||
hostNames = [
|
||||
"sterni.${network}"
|
||||
hosts.sterni
|
||||
];
|
||||
hostNames = [ "sterni.${network}" hosts.sterni ];
|
||||
publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEQRH4gzT4vWSx3KN80ePPYhSPZRUae/qSyEym6pJTht";
|
||||
};
|
||||
"robi" = {
|
||||
hostNames = [
|
||||
"robi.${network}"
|
||||
hosts.robi
|
||||
];
|
||||
hostNames = [ "robi.${network}" hosts.robi ];
|
||||
publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIK2PGX6cZuBUGX4VweMzi0aRh4uQ61yngCzZGcK3w5XV";
|
||||
};
|
||||
};
|
||||
|
|
|
@ -1,9 +1,4 @@
|
|||
{
|
||||
config,
|
||||
lib,
|
||||
pkgs,
|
||||
...
|
||||
}:
|
||||
{ config, lib, pkgs, ... }:
|
||||
with lib;
|
||||
with types;
|
||||
{
|
||||
|
@ -27,6 +22,7 @@ with types;
|
|||
# Setting this value to 1 means to try activation once, without retry.
|
||||
networking.networkmanager.settings.main.autoconnect-retries-default = 999;
|
||||
|
||||
|
||||
hardware.enableRedistributableFirmware = true;
|
||||
|
||||
# because Networkd-wait-online is just failing.
|
||||
|
@ -51,3 +47,4 @@ with types;
|
|||
};
|
||||
|
||||
}
|
||||
|
||||
|
|
|
@ -28,4 +28,6 @@ with lib;
|
|||
'';
|
||||
};
|
||||
|
||||
|
||||
}
|
||||
|
||||
|
|
|
@ -1,10 +1,5 @@
|
|||
# MIT Jörg Thalheim - https://github.com/Mic92/dotfiles/blob/c6cad4e57016945c4816c8ec6f0a94daaa0c3203/nixos/modules/upgrade-diff.nix
|
||||
{
|
||||
config,
|
||||
lib,
|
||||
pkgs,
|
||||
...
|
||||
}:
|
||||
{ config, lib, pkgs, ... }:
|
||||
{
|
||||
|
||||
options.components.nixos.update-diff.enable = lib.mkOption {
|
||||
|
|
|
@ -1,9 +1,4 @@
|
|||
{
|
||||
pkgs,
|
||||
config,
|
||||
lib,
|
||||
...
|
||||
}:
|
||||
{ pkgs, config, lib, ... }:
|
||||
with lib;
|
||||
{
|
||||
options.components.terminal.bash.enable = mkOption {
|
||||
|
@ -21,6 +16,7 @@ with lib;
|
|||
|
||||
interactiveShellInit = "set -o vi";
|
||||
|
||||
|
||||
shellAliases = {
|
||||
ls = "ls --color=tty";
|
||||
l = "ls -CFh";
|
||||
|
|
|
@ -1,9 +1,4 @@
|
|||
{
|
||||
config,
|
||||
pkgs,
|
||||
lib,
|
||||
...
|
||||
}:
|
||||
{ config, pkgs, lib, ... }:
|
||||
with lib;
|
||||
{
|
||||
options.components.terminal = {
|
||||
|
|
|
@ -1,9 +1,4 @@
|
|||
{
|
||||
pkgs,
|
||||
config,
|
||||
lib,
|
||||
...
|
||||
}:
|
||||
{ pkgs, config, lib, ... }:
|
||||
with lib;
|
||||
{
|
||||
options.components.terminal.direnv.enable = mkOption {
|
||||
|
@ -17,10 +12,7 @@ with lib;
|
|||
home-manager.sharedModules = [
|
||||
{
|
||||
programs.direnv.enable = true;
|
||||
programs.git.ignores = [
|
||||
".envrc"
|
||||
".direnv"
|
||||
];
|
||||
programs.git.ignores = [ ".envrc" ".direnv" ];
|
||||
}
|
||||
];
|
||||
|
||||
|
|
|
@ -1,9 +1,4 @@
|
|||
{
|
||||
config,
|
||||
pkgs,
|
||||
lib,
|
||||
...
|
||||
}:
|
||||
{ config, pkgs, lib, ... }:
|
||||
with lib;
|
||||
{
|
||||
options.components.terminal.git.enable = mkOption {
|
||||
|
@ -13,6 +8,7 @@ with lib;
|
|||
|
||||
config = mkIf (config.components.terminal.git.enable) {
|
||||
|
||||
|
||||
environment.systemPackages = with pkgs; [
|
||||
git
|
||||
gita
|
||||
|
@ -33,3 +29,4 @@ with lib;
|
|||
];
|
||||
};
|
||||
}
|
||||
|
||||
|
|
|
@ -1,9 +1,4 @@
|
|||
{
|
||||
config,
|
||||
lib,
|
||||
pkgs,
|
||||
...
|
||||
}:
|
||||
{ config, lib, pkgs, ... }:
|
||||
with lib;
|
||||
{
|
||||
options.components.terminal.heygpt.enable = mkOption {
|
||||
|
|
|
@ -1,9 +1,4 @@
|
|||
{
|
||||
pkgs,
|
||||
config,
|
||||
lib,
|
||||
...
|
||||
}:
|
||||
{ pkgs, config, lib, ... }:
|
||||
with lib;
|
||||
let
|
||||
hoardSrc = pkgs.fetchFromGitHub {
|
||||
|
@ -36,26 +31,10 @@ in
|
|||
config_home_path = "/home/palo/.config/hoard";
|
||||
trove_path = "/home/palo/.config/hoard/trove.yml";
|
||||
query_prefix = " >";
|
||||
primary_color = [
|
||||
87
|
||||
142
|
||||
87
|
||||
];
|
||||
secondary_color = [
|
||||
203
|
||||
184
|
||||
144
|
||||
];
|
||||
tertiary_color = [
|
||||
30
|
||||
30
|
||||
30
|
||||
];
|
||||
command_color = [
|
||||
30
|
||||
30
|
||||
30
|
||||
];
|
||||
primary_color = [ 87 142 87 ];
|
||||
secondary_color = [ 203 184 144 ];
|
||||
tertiary_color = [ 30 30 30 ];
|
||||
command_color = [ 30 30 30 ];
|
||||
parameter_token = "#";
|
||||
read_from_current_directory = true;
|
||||
};
|
||||
|
|
|
@ -1,9 +1,4 @@
|
|||
{
|
||||
pkgs,
|
||||
config,
|
||||
lib,
|
||||
...
|
||||
}:
|
||||
{ pkgs, config, lib, ... }:
|
||||
with lib;
|
||||
{
|
||||
options.components.terminal.remote-install.enable = mkOption {
|
||||
|
|
|
@ -1,9 +1,4 @@
|
|||
{
|
||||
pkgs,
|
||||
config,
|
||||
lib,
|
||||
...
|
||||
}:
|
||||
{ pkgs, config, lib, ... }:
|
||||
with lib;
|
||||
let
|
||||
|
||||
|
@ -59,8 +54,8 @@ let
|
|||
echo
|
||||
'';
|
||||
|
||||
userHighlight =
|
||||
map ({ user, ... }: user) (builtins.attrValues config.services.browser.configList)
|
||||
userHighlight = map ({ user, ... }: user)
|
||||
(builtins.attrValues config.services.browser.configList)
|
||||
++ [ "steam" ];
|
||||
|
||||
activeUsers = pkgs.writers.writeBash "active-users" ''
|
||||
|
@ -68,20 +63,14 @@ let
|
|||
| ${pkgs.gnused}/bin/sed '1 d' \
|
||||
| ${pkgs.coreutils}/bin/sort \
|
||||
| ${pkgs.coreutils}/bin/uniq \
|
||||
| ${pkgs.gnugrep}/bin/egrep --color=always '(${pkgs.lib.concatStringsSep "|" userHighlight})|$'
|
||||
| ${pkgs.gnugrep}/bin/egrep --color=always '(${
|
||||
pkgs.lib.concatStringsSep "|" userHighlight
|
||||
})|$'
|
||||
'';
|
||||
|
||||
# default settings
|
||||
wtfModule =
|
||||
args@{
|
||||
height ? 1,
|
||||
width ? 1,
|
||||
top,
|
||||
left,
|
||||
enabled ? true,
|
||||
type,
|
||||
...
|
||||
}:
|
||||
args@{ height ? 1, width ? 1, top, left, enabled ? true, type, ... }:
|
||||
{
|
||||
enabled = enabled;
|
||||
focusable = false;
|
||||
|
@ -89,50 +78,33 @@ let
|
|||
position.left = left;
|
||||
position.height = height;
|
||||
position.width = width;
|
||||
}
|
||||
// (lib.filterAttrs (
|
||||
key: _:
|
||||
lib.all (x: x != key) [
|
||||
"height"
|
||||
"width"
|
||||
"top"
|
||||
"left"
|
||||
]
|
||||
) args);
|
||||
} // (lib.filterAttrs
|
||||
(key: _: lib.all (x: x != key) [ "height" "width" "top" "left" ])
|
||||
args);
|
||||
|
||||
# command runner module
|
||||
cmdRunner =
|
||||
args@{ cmd, ... }:
|
||||
wtfModule (
|
||||
{
|
||||
cmdRunner = args@{ cmd, ... }:
|
||||
wtfModule ({
|
||||
type = "cmdrunner";
|
||||
focusable = false;
|
||||
refreshInterval = 300;
|
||||
}
|
||||
// args
|
||||
);
|
||||
} // args);
|
||||
|
||||
modules = {
|
||||
inherit cmdRunner;
|
||||
|
||||
digitalclock =
|
||||
args@{ top, left, ... }:
|
||||
cmdRunner (
|
||||
{
|
||||
digitalclock = args@{ top, left, ... }:
|
||||
cmdRunner ({
|
||||
cmd = pkgs.writers.writeDash "clock" ''
|
||||
${pkgs.toilet}/bin/toilet --font future `${pkgs.coreutils}/bin/date +"%a %H:%M"`
|
||||
${pkgs.coreutils}/bin/date +"%B %d %Y"
|
||||
'';
|
||||
title = "";
|
||||
refreshInterval = 30;
|
||||
}
|
||||
// args
|
||||
);
|
||||
} // args);
|
||||
|
||||
clocks =
|
||||
args@{ top, left, ... }:
|
||||
wtfModule (
|
||||
{
|
||||
clocks = args@{ top, left, ... }:
|
||||
wtfModule ({
|
||||
type = "clocks";
|
||||
title = "";
|
||||
border = false;
|
||||
|
@ -149,37 +121,25 @@ let
|
|||
};
|
||||
sort = "alphabetical";
|
||||
refreshInterval = 60;
|
||||
}
|
||||
// args
|
||||
);
|
||||
} // args);
|
||||
|
||||
resourceusage =
|
||||
args@{ top, left, ... }:
|
||||
wtfModule (
|
||||
{
|
||||
resourceusage = args@{ top, left, ... }:
|
||||
wtfModule ({
|
||||
type = "resourceusage";
|
||||
title = "";
|
||||
cpuCombined = false;
|
||||
refreshInterval = 5;
|
||||
}
|
||||
// args
|
||||
);
|
||||
} // args);
|
||||
|
||||
power =
|
||||
args@{ top, left, ... }:
|
||||
wtfModule (
|
||||
{
|
||||
power = args@{ top, left, ... }:
|
||||
wtfModule ({
|
||||
type = "power";
|
||||
title = "";
|
||||
refreshInterval = 100;
|
||||
}
|
||||
// args
|
||||
);
|
||||
} // args);
|
||||
|
||||
prettyweather =
|
||||
args@{ top, left, ... }:
|
||||
wtfModule (
|
||||
{
|
||||
prettyweather = args@{ top, left, ... }:
|
||||
wtfModule ({
|
||||
type = "prettyweather";
|
||||
title = "";
|
||||
city = "Essen";
|
||||
|
@ -187,19 +147,10 @@ let
|
|||
view = 0;
|
||||
language = "en";
|
||||
refreshInterval = 3600;
|
||||
}
|
||||
// args
|
||||
);
|
||||
} // args);
|
||||
|
||||
feedreader =
|
||||
args@{
|
||||
top,
|
||||
left,
|
||||
feeds,
|
||||
...
|
||||
}:
|
||||
wtfModule (
|
||||
{
|
||||
feedreader = args@{ top, left, feeds, ... }:
|
||||
wtfModule ({
|
||||
type = "feedreader";
|
||||
title = "";
|
||||
refreshInterval = 3600;
|
||||
|
@ -209,20 +160,10 @@ let
|
|||
even = "white";
|
||||
odd = "white";
|
||||
};
|
||||
}
|
||||
// args
|
||||
);
|
||||
} // args);
|
||||
|
||||
github =
|
||||
args@{
|
||||
top,
|
||||
left,
|
||||
username,
|
||||
apiKey,
|
||||
...
|
||||
}:
|
||||
wtfModule (
|
||||
{
|
||||
github = args@{ top, left, username, apiKey, ... }:
|
||||
wtfModule ({
|
||||
type = "github";
|
||||
title = "";
|
||||
refreshInterval = 3600;
|
||||
|
@ -237,9 +178,7 @@ let
|
|||
# - "wtfutil/wtf"
|
||||
# - "wtfutil/docs"
|
||||
# - "umbrella-corp/wesker-api"
|
||||
}
|
||||
// args
|
||||
);
|
||||
} // args);
|
||||
|
||||
};
|
||||
|
||||
|
@ -252,20 +191,8 @@ let
|
|||
normal = "green";
|
||||
};
|
||||
grid = {
|
||||
columns = [
|
||||
28
|
||||
0
|
||||
0
|
||||
];
|
||||
rows = [
|
||||
9
|
||||
9
|
||||
9
|
||||
9
|
||||
9
|
||||
9
|
||||
0
|
||||
];
|
||||
columns = [ 28 0 0 ];
|
||||
rows = [ 9 9 9 9 9 9 0 ];
|
||||
};
|
||||
refreshInterval = 1;
|
||||
mods = with modules; {
|
||||
|
@ -300,7 +227,8 @@ let
|
|||
top = 4;
|
||||
left = 1;
|
||||
height = 1;
|
||||
feeds = [ "https://latesthackingnews.com/category/hacking-tools/feed/" ];
|
||||
feeds =
|
||||
[ "https://latesthackingnews.com/category/hacking-tools/feed/" ];
|
||||
};
|
||||
nixos = feedreader {
|
||||
title = "NixOS Weekly";
|
||||
|
@ -337,20 +265,8 @@ let
|
|||
normal = "green";
|
||||
};
|
||||
grid = {
|
||||
columns = [
|
||||
33
|
||||
12
|
||||
28
|
||||
36
|
||||
0
|
||||
];
|
||||
rows = [
|
||||
9
|
||||
4
|
||||
6
|
||||
6
|
||||
0
|
||||
];
|
||||
columns = [ 33 12 28 36 0 ];
|
||||
rows = [ 9 4 6 6 0 ];
|
||||
};
|
||||
refreshInterval = 1;
|
||||
mods = with modules; {
|
||||
|
@ -396,12 +312,7 @@ let
|
|||
|
||||
calendar = cmdRunner {
|
||||
title = "";
|
||||
args = [
|
||||
"-3"
|
||||
"--monday"
|
||||
"--color=never"
|
||||
"-w"
|
||||
];
|
||||
args = [ "-3" "--monday" "--color=never" "-w" ];
|
||||
cmd = "cal";
|
||||
top = 1;
|
||||
left = 1;
|
||||
|
@ -463,12 +374,9 @@ let
|
|||
};
|
||||
};
|
||||
|
||||
createDashboard =
|
||||
{ json, name }:
|
||||
let
|
||||
configuration = pkgs.writeText "config.yml" (builtins.toJSON json);
|
||||
in
|
||||
pkgs.writers.writeBashBin name ''
|
||||
createDashboard = { json, name }:
|
||||
let configuration = pkgs.writeText "config.yml" (builtins.toJSON json);
|
||||
in pkgs.writers.writeBashBin name ''
|
||||
${pkgs.wtf}/bin/wtfutil --config=${toString configuration}
|
||||
'';
|
||||
|
||||
|
|
|
@ -1,9 +1,4 @@
|
|||
{
|
||||
pkgs,
|
||||
config,
|
||||
lib,
|
||||
...
|
||||
}:
|
||||
{ pkgs, config, lib, ... }:
|
||||
with lib;
|
||||
{
|
||||
options.components.terminal.zsh.enable = mkOption {
|
||||
|
|
|
@ -1,9 +1,4 @@
|
|||
{
|
||||
config,
|
||||
lib,
|
||||
pkgs,
|
||||
...
|
||||
}:
|
||||
{ config, lib, pkgs, ... }:
|
||||
with lib;
|
||||
{
|
||||
|
||||
|
|
|
@ -1,9 +1,4 @@
|
|||
{
|
||||
config,
|
||||
lib,
|
||||
pkgs,
|
||||
...
|
||||
}:
|
||||
{ config, lib, pkgs, ... }:
|
||||
with lib;
|
||||
{
|
||||
|
||||
|
|
|
@ -1,9 +1,4 @@
|
|||
{
|
||||
config,
|
||||
lib,
|
||||
pkgs,
|
||||
...
|
||||
}:
|
||||
{ config, lib, pkgs, ... }:
|
||||
with lib;
|
||||
{
|
||||
|
||||
|
|
|
@ -1,9 +1,4 @@
|
|||
{
|
||||
config,
|
||||
lib,
|
||||
pkgs,
|
||||
...
|
||||
}:
|
||||
{ config, lib, pkgs, ... }:
|
||||
with lib;
|
||||
{
|
||||
|
||||
|
|
|
@ -1,12 +1,7 @@
|
|||
# References:
|
||||
# * https://github.com/drduh/YubiKey-Guide
|
||||
# * https://nixos.wiki/wiki/Yubikey
|
||||
{
|
||||
config,
|
||||
pkgs,
|
||||
lib,
|
||||
...
|
||||
}:
|
||||
{ config, pkgs, lib, ... }:
|
||||
with lib;
|
||||
{
|
||||
|
||||
|
@ -21,6 +16,7 @@ with lib;
|
|||
services.pcscd.enable = true;
|
||||
services.udev.packages = [ pkgs.yubikey-personalization ];
|
||||
|
||||
|
||||
environment.systemPackages = [
|
||||
|
||||
pkgs.yubikey-personalization
|
||||
|
|
|
@ -1,11 +1,4 @@
|
|||
{
|
||||
config,
|
||||
lib,
|
||||
pkgs,
|
||||
factsGenerator,
|
||||
clanLib,
|
||||
...
|
||||
}:
|
||||
{ config, lib, pkgs, factsGenerator, clanLib, ... }:
|
||||
with lib;
|
||||
with types;
|
||||
|
||||
|
@ -18,7 +11,8 @@ with types;
|
|||
kernelModules = mkOption {
|
||||
type = listOf str;
|
||||
default = [ ];
|
||||
description = "nix-shell -p pciutils --run 'lspci -v' will tell you which kernel module is used for the ethernet interface";
|
||||
description =
|
||||
"nix-shell -p pciutils --run 'lspci -v' will tell you which kernel module is used for the ethernet interface";
|
||||
};
|
||||
};
|
||||
|
||||
|
@ -48,3 +42,4 @@ with types;
|
|||
};
|
||||
|
||||
}
|
||||
|
||||
|
|
|
@ -1,11 +1,4 @@
|
|||
{
|
||||
config,
|
||||
lib,
|
||||
pkgs,
|
||||
factsGenerator,
|
||||
clanLib,
|
||||
...
|
||||
}:
|
||||
{ config, lib, pkgs, factsGenerator, clanLib, ... }:
|
||||
with lib;
|
||||
with types;
|
||||
{
|
||||
|
@ -23,13 +16,14 @@ with types;
|
|||
name = "initrd";
|
||||
addressPrefix = "init";
|
||||
};
|
||||
boot.initrd.secrets = mapAttrs' (name: file: nameValuePair "/etc/tor/onion/bootup/${name}" file) (
|
||||
genAttrs [
|
||||
boot.initrd.secrets =
|
||||
mapAttrs' (name: file: nameValuePair "/etc/tor/onion/bootup/${name}" file)
|
||||
(genAttrs [
|
||||
"hostname"
|
||||
"hs_ed25519_public_key"
|
||||
"hs_ed25519_secret_key"
|
||||
] (secret: config.clan.core.facts.services."initrd.tor".secret."tor.initrd.${secret}".path)
|
||||
);
|
||||
]
|
||||
(secret: config.clan.core.facts.services."initrd.tor".secret."tor.initrd.${secret}".path));
|
||||
|
||||
boot.initrd.systemd.storePaths = [
|
||||
pkgs.tor
|
||||
|
@ -49,10 +43,7 @@ with types;
|
|||
boot.initrd.systemd.services.tor = {
|
||||
description = "tor during init";
|
||||
wantedBy = [ "initrd.target" ];
|
||||
after = [
|
||||
"network.target"
|
||||
"initrd-nixos-copy-secrets.service"
|
||||
];
|
||||
after = [ "network.target" "initrd-nixos-copy-secrets.service" ];
|
||||
before = [ "shutdown.target" ];
|
||||
conflicts = [ "shutdown.target" ];
|
||||
|
||||
|
@ -62,7 +53,8 @@ with types;
|
|||
pkgs.iproute2
|
||||
pkgs.coreutils
|
||||
];
|
||||
script = ''
|
||||
script =
|
||||
''
|
||||
echo "tor: preparing onion folder"
|
||||
# have to do this otherwise tor does not want to start
|
||||
chmod -R 700 /etc/tor
|
||||
|
@ -74,3 +66,4 @@ with types;
|
|||
};
|
||||
};
|
||||
}
|
||||
|
||||
|
|
|
@ -1,9 +1,4 @@
|
|||
{
|
||||
config,
|
||||
lib,
|
||||
pkgs,
|
||||
...
|
||||
}:
|
||||
{ config, lib, pkgs, ... }:
|
||||
with lib;
|
||||
{
|
||||
options.features.network.fail2ban.enable = mkOption {
|
||||
|
|
|
@ -1,10 +1,4 @@
|
|||
{
|
||||
pkgs,
|
||||
config,
|
||||
lib,
|
||||
assets,
|
||||
...
|
||||
}:
|
||||
{ pkgs, config, lib, assets, ... }:
|
||||
with lib;
|
||||
with types;
|
||||
{
|
||||
|
|
23
flake.lock
23
flake.lock
|
@ -843,8 +843,7 @@
|
|||
"retiolum": "retiolum",
|
||||
"srvos": "srvos",
|
||||
"stylix": "stylix",
|
||||
"taskshell": "taskshell",
|
||||
"treefmt-nix": "treefmt-nix_3"
|
||||
"taskshell": "taskshell"
|
||||
}
|
||||
},
|
||||
"sops-nix": {
|
||||
|
@ -1030,26 +1029,6 @@
|
|||
"repo": "treefmt-nix",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"treefmt-nix_3": {
|
||||
"inputs": {
|
||||
"nixpkgs": [
|
||||
"nixpkgs"
|
||||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1724833132,
|
||||
"narHash": "sha256-F4djBvyNRAXGusJiNYInqR6zIMI3rvlp6WiKwsRISos=",
|
||||
"owner": "numtide",
|
||||
"repo": "treefmt-nix",
|
||||
"rev": "3ffd842a5f50f435d3e603312eefa4790db46af5",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "numtide",
|
||||
"repo": "treefmt-nix",
|
||||
"type": "github"
|
||||
}
|
||||
}
|
||||
},
|
||||
"root": "root",
|
||||
|
|
129
flake.nix
129
flake.nix
|
@ -58,11 +58,6 @@
|
|||
|
||||
srvos.url = "github:nix-community/srvos";
|
||||
|
||||
treefmt-nix = {
|
||||
url = "github:numtide/treefmt-nix";
|
||||
inputs.nixpkgs.follows = "nixpkgs";
|
||||
};
|
||||
|
||||
landingpage = {
|
||||
#url = "git+file:///home/palo/dev/landingpage";
|
||||
url = "github:mrVanDalo/landingpage";
|
||||
|
@ -96,30 +91,28 @@
|
|||
};
|
||||
|
||||
outputs =
|
||||
inputs@{
|
||||
self,
|
||||
clan-core,
|
||||
clan-fact-generators,
|
||||
flake-parts,
|
||||
home-manager,
|
||||
home-manager-utils,
|
||||
kmonad,
|
||||
landingpage,
|
||||
nixos-anywhere,
|
||||
nixos-hardware,
|
||||
nixpkgs,
|
||||
nixpkgs-legacy_2211,
|
||||
nixpkgs-legacy_2311,
|
||||
nixpkgs-legacy_2405,
|
||||
nixpkgs-unstable-small,
|
||||
permown,
|
||||
polygon-art,
|
||||
private_assets,
|
||||
retiolum,
|
||||
srvos,
|
||||
stylix,
|
||||
taskshell,
|
||||
treefmt-nix,
|
||||
inputs@{ self
|
||||
, clan-core
|
||||
, clan-fact-generators
|
||||
, flake-parts
|
||||
, home-manager
|
||||
, home-manager-utils
|
||||
, kmonad
|
||||
, landingpage
|
||||
, nixos-anywhere
|
||||
, nixos-hardware
|
||||
, nixpkgs
|
||||
, nixpkgs-legacy_2211
|
||||
, nixpkgs-legacy_2311
|
||||
, nixpkgs-legacy_2405
|
||||
, nixpkgs-unstable-small
|
||||
, permown
|
||||
, polygon-art
|
||||
, private_assets
|
||||
, retiolum
|
||||
, srvos
|
||||
, stylix
|
||||
, taskshell
|
||||
}:
|
||||
|
||||
let
|
||||
|
@ -172,10 +165,7 @@
|
|||
inherit inputs;
|
||||
assets = ./assets;
|
||||
factsGenerator = clan-fact-generators.lib { inherit pkgs; };
|
||||
clanLib = import ./lib/clanlib.nix {
|
||||
inherit (pkgs) lib;
|
||||
machineDir = ./machines;
|
||||
};
|
||||
clanLib = import ./lib/clanlib.nix { inherit (pkgs) lib; machineDir = ./machines; };
|
||||
zerotierDeviceName = "ztbn67ogn2";
|
||||
components = ./components;
|
||||
features = ./features;
|
||||
|
@ -183,36 +173,30 @@
|
|||
};
|
||||
|
||||
clanSetup =
|
||||
{
|
||||
name,
|
||||
host,
|
||||
modules,
|
||||
}:
|
||||
{
|
||||
{ name
|
||||
, host
|
||||
, modules
|
||||
}: {
|
||||
|
||||
clan.core.networking.targetHost = lib.mkDefault "root@${host}";
|
||||
nixpkgs.pkgs = meta.pkgs;
|
||||
nixpkgs.hostPlatform = meta.system;
|
||||
clan.core.facts.secretStore = "password-store";
|
||||
|
||||
imports =
|
||||
modules
|
||||
++ defaultModules
|
||||
++ [
|
||||
imports = modules ++ defaultModules ++ [
|
||||
./machines/${name}/configuration.nix
|
||||
];
|
||||
};
|
||||
|
||||
zerotierControllerModule = {
|
||||
zerotierControllerModule =
|
||||
{
|
||||
clan.core.networking.zerotier.controller = {
|
||||
enable = true;
|
||||
public = false;
|
||||
};
|
||||
};
|
||||
|
||||
zerotierModules =
|
||||
{ pkgs, ... }:
|
||||
{
|
||||
zerotierModules = { pkgs, ... }: {
|
||||
imports = [
|
||||
|
||||
# this magically adds all my machines in the zero tier network
|
||||
|
@ -247,9 +231,7 @@
|
|||
_module.args.inputs = self.inputs;
|
||||
}
|
||||
# ssh keys
|
||||
(
|
||||
{ config, ... }:
|
||||
{
|
||||
({ config, ... }: {
|
||||
users.users.root.openssh.authorizedKeys.keyFiles = [
|
||||
# master key
|
||||
./assets/mrvandalo_rsa.pub
|
||||
|
@ -257,8 +239,7 @@
|
|||
"${config.clan.core.clanDir}/machines/chungus/facts/ssh.syncoid.id_ed25519.pub"
|
||||
"${config.clan.core.clanDir}/machines/chungus/facts/ssh.rbackup.id_ed25519.pub"
|
||||
];
|
||||
}
|
||||
)
|
||||
})
|
||||
{
|
||||
# disable emergency mode everywhere, although it might be needed on laptops
|
||||
boot.initrd.systemd.emergencyAccess = false;
|
||||
|
@ -269,20 +250,11 @@
|
|||
systemd.enableEmergencyMode = false;
|
||||
}
|
||||
# configure nix
|
||||
(
|
||||
{
|
||||
pkgs,
|
||||
lib,
|
||||
clanLib,
|
||||
...
|
||||
}:
|
||||
({ pkgs, lib, clanLib, ... }:
|
||||
{
|
||||
nix.settings.substituters = [ "http://cache.orbi.wg0" ];
|
||||
nix.settings.trusted-public-keys = [ (clanLib.readFact "nix-serve.pub" "orbi") ];
|
||||
nix.settings.experimental-features = [
|
||||
"nix-command"
|
||||
"flakes"
|
||||
];
|
||||
nix.settings.experimental-features = [ "nix-command" "flakes" ];
|
||||
nix.settings.max-jobs = 1;
|
||||
# no channesl needed this way
|
||||
nix.nixPath = [ "nixpkgs=${pkgs.path}" ];
|
||||
|
@ -310,8 +282,7 @@
|
|||
boot.loader.systemd-boot.configurationLimit = lib.mkDefault 10;
|
||||
boot.loader.generic-extlinux-compatible.configurationLimit = lib.mkDefault 10;
|
||||
boot.loader.grub.configurationLimit = lib.mkDefault 10;
|
||||
}
|
||||
)
|
||||
})
|
||||
# My Structure
|
||||
./components
|
||||
./features
|
||||
|
@ -322,20 +293,15 @@
|
|||
permown.nixosModules.permown
|
||||
kmonad.nixosModules.default
|
||||
# some default things I always want
|
||||
(
|
||||
{ pkgs, ... }:
|
||||
{
|
||||
({ pkgs, ... }: {
|
||||
boot.tmp.useTmpfs = lib.mkDefault true;
|
||||
environment.systemPackages = [
|
||||
pkgs.nixpkgs-fmt
|
||||
];
|
||||
}
|
||||
)
|
||||
})
|
||||
];
|
||||
|
||||
stylixModules =
|
||||
{ pkgs, config, ... }:
|
||||
{
|
||||
stylixModules = { pkgs, config, ... }: {
|
||||
imports = [ stylix.nixosModules.stylix ];
|
||||
stylix.enable = true;
|
||||
stylix.base16Scheme = "${pkgs.base16-schemes}/share/themes/gruvbox-light-medium.yaml";
|
||||
|
@ -361,9 +327,7 @@
|
|||
};
|
||||
};
|
||||
|
||||
homeManagerModules =
|
||||
{ pkgs, config, ... }:
|
||||
{
|
||||
homeManagerModules = { pkgs, config, ... }: {
|
||||
imports = [
|
||||
home-manager.nixosModules.home-manager
|
||||
];
|
||||
|
@ -381,9 +345,7 @@
|
|||
|
||||
in
|
||||
|
||||
flake-parts.lib.mkFlake { inherit inputs; } (
|
||||
{ self, pkgs, ... }:
|
||||
{
|
||||
flake-parts.lib.mkFlake { inherit inputs; } ({ self, pkgs, ... }: {
|
||||
# We define our own systems below. you can still use this to add system specific outputs to your flake.
|
||||
# See: https://flake.parts/getting-started
|
||||
systems = [ "x86_64-linux" ];
|
||||
|
@ -391,12 +353,9 @@
|
|||
# import clan-core modules
|
||||
imports = [
|
||||
clan-core.flakeModules.default
|
||||
./nix/formatter.nix
|
||||
];
|
||||
|
||||
perSystem =
|
||||
{ pkgs, ... }:
|
||||
{
|
||||
perSystem = { pkgs, ... }: {
|
||||
packages.pkl = pkgs.callPackage ./pkgs/pkl { };
|
||||
};
|
||||
|
||||
|
@ -537,7 +496,7 @@
|
|||
|
||||
};
|
||||
|
||||
}
|
||||
);
|
||||
});
|
||||
|
||||
}
|
||||
|
||||
|
|
|
@ -1,9 +1,4 @@
|
|||
{
|
||||
pkgs,
|
||||
config,
|
||||
lib,
|
||||
...
|
||||
}:
|
||||
{ pkgs, config, lib, ... }:
|
||||
with lib;
|
||||
{
|
||||
programs.oh-my-posh = {
|
||||
|
|
|
@ -86,9 +86,7 @@
|
|||
},
|
||||
{
|
||||
"background": "#427B58",
|
||||
"background_templates": [
|
||||
"{{ if gt .Code 0 }}#9D0006{{ end }}"
|
||||
],
|
||||
"background_templates": ["{{ if gt .Code 0 }}#9D0006{{ end }}"],
|
||||
"foreground": "#EBDBB2",
|
||||
"leading_diamond": "<transparent,background>\ue0b0</>",
|
||||
"properties": {
|
||||
|
|
|
@ -13,13 +13,9 @@
|
|||
},
|
||||
{
|
||||
"background": "#fbf1c7",
|
||||
"background_templates": [
|
||||
"{{ if .Root }}#af3a03{{ end }}"
|
||||
],
|
||||
"background_templates": ["{{ if .Root }}#af3a03{{ end }}"],
|
||||
"foreground": "#282828",
|
||||
"foreground_templates": [
|
||||
"{{ if .Root }}#fbf1c7{{ end }}"
|
||||
],
|
||||
"foreground_templates": ["{{ if .Root }}#fbf1c7{{ end }}"],
|
||||
"powerline_symbol": "\ue0b0",
|
||||
"style": "powerline",
|
||||
"template": " {{ if .SSHSession }} {{ end }}{{ .HostName }} ",
|
||||
|
|
|
@ -1,9 +1,4 @@
|
|||
{
|
||||
config,
|
||||
pkgs,
|
||||
lib,
|
||||
...
|
||||
}:
|
||||
{ config, pkgs, lib, ... }:
|
||||
with pkgs;
|
||||
with lib;
|
||||
{
|
||||
|
@ -46,6 +41,7 @@ with lib;
|
|||
|
||||
}
|
||||
|
||||
|
||||
(mkIf config.gui.enable {
|
||||
home.packages = [
|
||||
libreoffice
|
||||
|
|
|
@ -1,9 +1,4 @@
|
|||
{
|
||||
lib,
|
||||
pkgs,
|
||||
assets,
|
||||
...
|
||||
}:
|
||||
{ lib, pkgs, assets, ... }:
|
||||
{
|
||||
|
||||
programs.zsh = {
|
||||
|
|
|
@ -1,9 +1,4 @@
|
|||
{
|
||||
config,
|
||||
pkgs,
|
||||
lib,
|
||||
...
|
||||
}:
|
||||
{ config, pkgs, lib, ... }:
|
||||
with pkgs;
|
||||
with lib;
|
||||
{
|
||||
|
|
|
@ -1,5 +1,4 @@
|
|||
{ pkgs, ... }:
|
||||
{
|
||||
{ pkgs, ... }: {
|
||||
|
||||
imports = [
|
||||
../common
|
||||
|
|
|
@ -1,9 +1,4 @@
|
|||
{
|
||||
config,
|
||||
pkgs,
|
||||
lib,
|
||||
...
|
||||
}:
|
||||
{ config, pkgs, lib, ... }:
|
||||
with lib;
|
||||
{
|
||||
config = mkMerge [
|
||||
|
|
|
@ -10,15 +10,7 @@ with pkgs;
|
|||
key = "42AC51C9482D0834CF488AF1389EC2D64AC71EAC";
|
||||
signByDefault = true;
|
||||
};
|
||||
ignores = [
|
||||
"*.swp"
|
||||
"*~"
|
||||
".idea"
|
||||
".*penis.*"
|
||||
"result"
|
||||
".envrc"
|
||||
".direnv"
|
||||
];
|
||||
ignores = [ "*.swp" "*~" ".idea" ".*penis.*" "result" ".envrc" ".direnv" ];
|
||||
extraConfig = {
|
||||
init.defaultBranch = "main";
|
||||
pull.ff = "only";
|
||||
|
@ -27,6 +19,7 @@ with pkgs;
|
|||
difftastic.enable = true;
|
||||
};
|
||||
|
||||
|
||||
home.packages = [
|
||||
pre-commit
|
||||
gita
|
||||
|
|
|
@ -12,7 +12,8 @@
|
|||
keyserver = "keyserver.ubuntu.com";
|
||||
personal-digest-preferences = "SHA512";
|
||||
cert-digest-algo = "SHA512";
|
||||
default-preference-list = "SHA512 SHA384 SHA256 SHA224 AES256 AES192 AES CAST5 ZLIB BZIP2 ZIP Uncompressed";
|
||||
default-preference-list =
|
||||
"SHA512 SHA384 SHA256 SHA224 AES256 AES192 AES CAST5 ZLIB BZIP2 ZIP Uncompressed";
|
||||
};
|
||||
};
|
||||
|
||||
|
|
|
@ -1,9 +1,4 @@
|
|||
{
|
||||
pkgs,
|
||||
lib,
|
||||
config,
|
||||
...
|
||||
}:
|
||||
{ pkgs, lib, config, ... }:
|
||||
with lib;
|
||||
{
|
||||
|
||||
|
|
|
@ -1,9 +1,4 @@
|
|||
{
|
||||
lib,
|
||||
pkgs,
|
||||
config,
|
||||
...
|
||||
}:
|
||||
{ lib, pkgs, config, ... }:
|
||||
with lib;
|
||||
{
|
||||
|
||||
|
@ -36,5 +31,6 @@ with lib;
|
|||
};
|
||||
};
|
||||
|
||||
|
||||
};
|
||||
}
|
||||
|
|
|
@ -158,3 +158,4 @@
|
|||
'';
|
||||
|
||||
}
|
||||
|
||||
|
|
|
@ -1,20 +1,8 @@
|
|||
{
|
||||
config,
|
||||
lib,
|
||||
pkgs,
|
||||
osConfig,
|
||||
...
|
||||
}:
|
||||
{ config, lib, pkgs, osConfig, ... }:
|
||||
with lib;
|
||||
let
|
||||
|
||||
rofi = pkgs.rofi.override {
|
||||
plugins = [
|
||||
pkgs.rofi-emoji
|
||||
pkgs.rofi-calc
|
||||
pkgs.xdotool
|
||||
];
|
||||
};
|
||||
rofi = pkgs.rofi.override { plugins = [ pkgs.rofi-emoji pkgs.rofi-calc pkgs.xdotool ]; };
|
||||
|
||||
backgroundCommand = pkgs.writers.writeDash "background" ''
|
||||
${pkgs.xorg.xrandr}/bin/xrandr | grep " connected" | grep "primary" | \
|
||||
|
@ -152,25 +140,21 @@ in
|
|||
focus = {
|
||||
followMouse = true;
|
||||
};
|
||||
colors.focused = with config.lib.stylix.colors.withHashtag; {
|
||||
colors.focused =
|
||||
with config.lib.stylix.colors.withHashtag;
|
||||
{
|
||||
# stylix color overrides
|
||||
border = lib.mkForce base08;
|
||||
background = lib.mkForce base0A;
|
||||
text = lib.mkForce base00;
|
||||
};
|
||||
startup = [
|
||||
startup =
|
||||
[
|
||||
#{ command = "${pkgs.jellyfin-mpv-shim}/bin/jellyfin-mpv-shim"; always = false; }
|
||||
{ command = "${pkgs.networkmanagerapplet}/bin/nm-applet --indicator"; always = true; }
|
||||
{ command = toString backgroundCommand; always = true; }
|
||||
{
|
||||
command = "${pkgs.networkmanagerapplet}/bin/nm-applet --indicator";
|
||||
always = true;
|
||||
}
|
||||
{
|
||||
command = toString backgroundCommand;
|
||||
always = true;
|
||||
}
|
||||
{
|
||||
command = toString (
|
||||
pkgs.writers.writeDash "xsettings" ''
|
||||
command = toString (pkgs.writers.writeDash "xsettings" ''
|
||||
# to allow sudo commands to access X
|
||||
${pkgs.xorg.xhost}/bin/xhost +
|
||||
# no shitty pcspkr crap
|
||||
|
@ -178,15 +162,13 @@ in
|
|||
# no sleeping monitor
|
||||
${pkgs.xorg.xset}/bin/xset -dpms
|
||||
${pkgs.xorg.xset}/bin/xset s off
|
||||
''
|
||||
);
|
||||
'');
|
||||
always = true;
|
||||
}
|
||||
];
|
||||
bars = [
|
||||
(
|
||||
config.lib.stylix.i3.bar
|
||||
// {
|
||||
(config.lib.stylix.i3.bar //
|
||||
{
|
||||
#mode = "hide";
|
||||
hiddenState = "hide";
|
||||
position = "top";
|
||||
|
|
|
@ -1,9 +1,4 @@
|
|||
{
|
||||
pkgs,
|
||||
lib,
|
||||
config,
|
||||
...
|
||||
}:
|
||||
{ pkgs, lib, config, ... }:
|
||||
with pkgs;
|
||||
with lib;
|
||||
{
|
||||
|
@ -34,18 +29,15 @@ with lib;
|
|||
jetbrains.pycharm-professional
|
||||
|
||||
# planing
|
||||
(
|
||||
(ganttproject-bin.override {
|
||||
((ganttproject-bin.override {
|
||||
jre = pkgs.openjdk11;
|
||||
}).overrideAttrs
|
||||
(old: {
|
||||
}).overrideAttrs (old: {
|
||||
version = "3.1.3100";
|
||||
src = pkgs.fetchzip {
|
||||
url = "https://dl.ganttproject.biz/ganttproject-3.1.3100/ganttproject-3.1.3100.zip";
|
||||
sha256 = "sha256-hw2paak0P670/kemiuqYHIaN0uUtkVKy+AX2X7OdnJ4=";
|
||||
};
|
||||
})
|
||||
)
|
||||
}))
|
||||
|
||||
# Pkl
|
||||
# ---
|
||||
|
@ -109,8 +101,7 @@ with lib;
|
|||
{
|
||||
home.packages =
|
||||
let
|
||||
pandocScript =
|
||||
{ inputFormat, outputFormat }:
|
||||
pandocScript = { inputFormat, outputFormat }:
|
||||
pkgs.writers.writeDashBin "pandoc-from-${inputFormat}-to-${outputFormat}" ''
|
||||
${pkgs.pandoc}/bin/pandoc \
|
||||
--from ${inputFormat} \
|
||||
|
@ -144,26 +135,10 @@ with lib;
|
|||
${pkgs.less}/bin/less
|
||||
'')
|
||||
|
||||
]
|
||||
++ (map pandocScript (
|
||||
lib.cartesianProduct {
|
||||
inputFormat = [
|
||||
"man"
|
||||
"markdown"
|
||||
"mediawiki"
|
||||
"asciidoc"
|
||||
];
|
||||
outputFormat = [
|
||||
"mediawiki"
|
||||
"docbook5"
|
||||
"html5"
|
||||
"man"
|
||||
"jira"
|
||||
"markdown"
|
||||
"asciidoc"
|
||||
];
|
||||
}
|
||||
));
|
||||
] ++ (map pandocScript (lib.cartesianProduct {
|
||||
inputFormat = [ "man" "markdown" "mediawiki" "asciidoc" ];
|
||||
outputFormat = [ "mediawiki" "docbook5" "html5" "man" "jira" "markdown" "asciidoc" ];
|
||||
}));
|
||||
|
||||
}
|
||||
];
|
||||
|
|
|
@ -1,9 +1,4 @@
|
|||
{
|
||||
config,
|
||||
lib,
|
||||
pkgs,
|
||||
...
|
||||
}:
|
||||
{ config, lib, pkgs, ... }:
|
||||
with pkgs;
|
||||
with lib;
|
||||
{
|
||||
|
|
|
@ -1,9 +1,4 @@
|
|||
{
|
||||
config,
|
||||
lib,
|
||||
pkgs,
|
||||
...
|
||||
}:
|
||||
{ config, lib, pkgs, ... }:
|
||||
with pkgs;
|
||||
with lib;
|
||||
{
|
||||
|
|
|
@ -1,9 +1,4 @@
|
|||
{
|
||||
pkgs,
|
||||
lib,
|
||||
config,
|
||||
...
|
||||
}:
|
||||
{ pkgs, lib, config, ... }:
|
||||
with pkgs;
|
||||
with lib;
|
||||
{
|
||||
|
|
|
@ -1,16 +1,10 @@
|
|||
{
|
||||
config,
|
||||
lib,
|
||||
pkgs,
|
||||
...
|
||||
}:
|
||||
{ config, lib, pkgs, ... }:
|
||||
with pkgs;
|
||||
with lib;
|
||||
let
|
||||
nextcloud-client = pkgs.legacy_2311.nextcloud-client;
|
||||
|
||||
nextcloudSync =
|
||||
folder:
|
||||
nextcloudSync = folder:
|
||||
let
|
||||
password = "$( ${pkgs.pass}/bin/pass show home/nextcloud/palo/nextcloudcmd-token )";
|
||||
user = "palo";
|
||||
|
@ -22,7 +16,8 @@ let
|
|||
"https://${user}:${password}@nextcloud.ingolf-wagner.de"
|
||||
'';
|
||||
|
||||
borrow = pkgs.writers.writeDashBin "borrow" ''
|
||||
borrow = pkgs.writers.writeDashBin "borrow"
|
||||
''
|
||||
${getExe hledger-ui} \
|
||||
--all \
|
||||
--theme=terminal \
|
||||
|
|
|
@ -1,9 +1,4 @@
|
|||
{
|
||||
config,
|
||||
lib,
|
||||
pkgs,
|
||||
...
|
||||
}:
|
||||
{ config, lib, pkgs, ... }:
|
||||
with pkgs;
|
||||
with lib;
|
||||
{
|
||||
|
@ -13,6 +8,7 @@ with lib;
|
|||
# ¯\_(ツ)_/¯
|
||||
home.packages = [
|
||||
|
||||
|
||||
nixos-shell
|
||||
|
||||
# bluetooth gui
|
||||
|
|
|
@ -1,9 +1,4 @@
|
|||
{
|
||||
config,
|
||||
lib,
|
||||
pkgs,
|
||||
...
|
||||
}:
|
||||
{ config, lib, pkgs, ... }:
|
||||
with pkgs;
|
||||
with lib;
|
||||
{
|
||||
|
|
|
@ -1,9 +1,4 @@
|
|||
{
|
||||
pkgs,
|
||||
lib,
|
||||
config,
|
||||
...
|
||||
}:
|
||||
{ pkgs, lib, config, ... }:
|
||||
{
|
||||
|
||||
home.packages = [ pkgs.sshuttle ];
|
||||
|
|
|
@ -1,40 +1,21 @@
|
|||
{
|
||||
config,
|
||||
pkgs,
|
||||
lib,
|
||||
...
|
||||
}:
|
||||
{ config, pkgs, lib, ... }:
|
||||
with lib;
|
||||
with types;
|
||||
let
|
||||
mkMagicMergeOption =
|
||||
{
|
||||
description ? "",
|
||||
example ? { },
|
||||
default ? { },
|
||||
apply ? id,
|
||||
...
|
||||
}:
|
||||
mkMagicMergeOption = { description ? "", example ? { }, default ? { }, apply ? id, ... }:
|
||||
mkOption {
|
||||
inherit
|
||||
example
|
||||
description
|
||||
default
|
||||
apply
|
||||
;
|
||||
type =
|
||||
with lib.types;
|
||||
inherit example description default apply;
|
||||
type = with lib.types;
|
||||
let
|
||||
valueType =
|
||||
nullOr (oneOf [
|
||||
valueType = nullOr
|
||||
(oneOf [
|
||||
bool
|
||||
int
|
||||
float
|
||||
str
|
||||
(attrsOf valueType)
|
||||
(listOf valueType)
|
||||
])
|
||||
// {
|
||||
]) // {
|
||||
description = "bool, int, float or str";
|
||||
emptyValue.value = { };
|
||||
};
|
||||
|
@ -42,6 +23,7 @@ let
|
|||
valueType;
|
||||
};
|
||||
|
||||
|
||||
taskwarrior-tui = pkgs.legacy_2311.taskwarrior-tui;
|
||||
|
||||
in
|
||||
|
@ -49,8 +31,7 @@ in
|
|||
{
|
||||
|
||||
# bugwarrior (a bit fiddly)
|
||||
imports = [
|
||||
{
|
||||
imports = [{
|
||||
|
||||
options.bugwarrior.config = mkMagicMergeOption {
|
||||
type = attrs;
|
||||
|
@ -58,9 +39,7 @@ in
|
|||
};
|
||||
|
||||
config = {
|
||||
home.file.".config/bugwarrior/bugwarrior.toml".source =
|
||||
(pkgs.formats.toml { }).generate "bugwarriorrc.toml"
|
||||
config.bugwarrior.config;
|
||||
home.file.".config/bugwarrior/bugwarrior.toml".source = (pkgs.formats.toml { }).generate "bugwarriorrc.toml" config.bugwarrior.config;
|
||||
# todo : before deleting this, put it in logseq
|
||||
|
||||
home.packages = [
|
||||
|
@ -82,12 +61,12 @@ in
|
|||
];
|
||||
};
|
||||
|
||||
}
|
||||
];
|
||||
}];
|
||||
|
||||
config = mkIf config.gui.enable {
|
||||
|
||||
home.packages = with pkgs; [
|
||||
home.packages = with pkgs;
|
||||
[
|
||||
|
||||
taskwarrior
|
||||
taskwarrior-tui
|
||||
|
|
|
@ -1,9 +1,4 @@
|
|||
{
|
||||
config,
|
||||
lib,
|
||||
pkgs,
|
||||
...
|
||||
}:
|
||||
{ config, lib, pkgs, ... }:
|
||||
with pkgs;
|
||||
with lib;
|
||||
{
|
||||
|
@ -11,14 +6,10 @@ with lib;
|
|||
home.packages = [
|
||||
logseq
|
||||
];
|
||||
home.file.".config/Logseq/Preferences".source =
|
||||
(pkgs.formats.json { }).generate "LogseqPreferences.json"
|
||||
home.file.".config/Logseq/Preferences".source = (pkgs.formats.json { }).generate "LogseqPreferences.json"
|
||||
{
|
||||
spellcheck = {
|
||||
dictionaries = [
|
||||
"en-US"
|
||||
"de-DE"
|
||||
];
|
||||
dictionaries = [ "en-US" "de-DE" ];
|
||||
dictionary = "";
|
||||
};
|
||||
};
|
||||
|
|
|
@ -1,9 +1,4 @@
|
|||
{
|
||||
config,
|
||||
lib,
|
||||
pkgs,
|
||||
...
|
||||
}:
|
||||
{ config, lib, pkgs, ... }:
|
||||
with pkgs;
|
||||
with lib;
|
||||
{
|
||||
|
@ -30,7 +25,10 @@ with lib;
|
|||
pdfarranger
|
||||
calibre
|
||||
|
||||
|
||||
];
|
||||
|
||||
|
||||
|
||||
};
|
||||
}
|
||||
|
|
|
@ -1,16 +1,11 @@
|
|||
{
|
||||
# cat ~/.ssh/id_rsa.pub
|
||||
publicSshKey ? "",
|
||||
# remote-install-get-hiddenReceiver
|
||||
hiddenReceiver ? "",
|
||||
publicSshKey ? ""
|
||||
, # remote-install-get-hiddenReceiver
|
||||
hiddenReceiver ? ""
|
||||
,
|
||||
}:
|
||||
{
|
||||
config,
|
||||
lib,
|
||||
pkgs,
|
||||
...
|
||||
}:
|
||||
{
|
||||
{ config, lib, pkgs, ... }: {
|
||||
|
||||
imports = [
|
||||
{
|
||||
|
@ -18,9 +13,7 @@
|
|||
networking.hostName = "liveos";
|
||||
|
||||
users.extraUsers = {
|
||||
root = {
|
||||
openssh.authorizedKeys.keys = [ publicSshKey ];
|
||||
};
|
||||
root = { openssh.authorizedKeys.keys = [ publicSshKey ]; };
|
||||
};
|
||||
}
|
||||
{
|
||||
|
@ -111,20 +104,15 @@
|
|||
client.enable = true;
|
||||
relay.onionServices.hidden-ssh = {
|
||||
version = 3;
|
||||
map = [
|
||||
{
|
||||
map = [{
|
||||
port = 22;
|
||||
target.port = 22;
|
||||
}
|
||||
];
|
||||
}];
|
||||
};
|
||||
};
|
||||
systemd.services.hidden-ssh-announce = {
|
||||
description = "irc announce hidden ssh";
|
||||
after = [
|
||||
"tor.service"
|
||||
"network-online.target"
|
||||
];
|
||||
after = [ "tor.service" "network-online.target" ];
|
||||
wants = [ "tor.service" ];
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
serviceConfig = {
|
||||
|
|
|
@ -1,13 +1,9 @@
|
|||
{
|
||||
config,
|
||||
lib,
|
||||
pkgs,
|
||||
...
|
||||
}:
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
{
|
||||
|
||||
imports = [
|
||||
imports =
|
||||
[
|
||||
# Include the results of the hardware scan.
|
||||
./hardware-configuration.nix
|
||||
|
||||
|
@ -46,9 +42,7 @@
|
|||
|
||||
services.openssh.enable = true;
|
||||
|
||||
users.users.root.openssh.authorizedKeys.keys = [
|
||||
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC6uza62+Go9sBFs3XZE2OkugBv9PJ7Yv8ebCskE5WYPcahMZIKkQw+zkGI8EGzOPJhQEv2xk+XBf2VOzj0Fto4nh8X5+Llb1nM+YxQPk1SVlwbNAlhh24L1w2vKtBtMy277MF4EP+caGceYP6gki5+DzlPUSdFSAEFFWgN1WPkiyUii15Xi3QuCMR8F18dbwVUYbT11vwNhdiAXWphrQG+yPguALBGR+21JM6fffOln3BhoDUp2poVc5Qe2EBuUbRUV3/fOU4HwWVKZ7KCFvLZBSVFutXCj5HuNWJ5T3RuuxJSmY5lYuFZx9gD+n+DAEJt30iXWcaJlmUqQB5awcB1S2d9pJ141V4vjiCMKUJHIdspFrI23rFNYD9k2ZXDA8VOnQE33BzmgF9xOVh6qr4G0oEpsNqJoKybVTUeSyl4+ifzdQANouvySgLJV/pcqaxX1srSDIUlcM2vDMWAs3ryCa0aAlmAVZIHgRhh6wa+IXW8gIYt+5biPWUuihJ4zGBEwkyVXXf2xsecMWCAGPWPDL0/fBfY9krNfC5M2sqxey2ShFIq+R/wMdaI7yVjUCF2QIUNiIdFbJL6bDrDyHnEXJJN+rAo23jUoTZZRv7Jq3DB/A5H7a73VCcblZyUmwMSlpg3wos7pdw5Ctta3zQPoxoAKGS1uZ+yTeZbPMmdbw== contact@ingolf-wagner.de"
|
||||
];
|
||||
users.users.root.openssh.authorizedKeys.keys = [ "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC6uza62+Go9sBFs3XZE2OkugBv9PJ7Yv8ebCskE5WYPcahMZIKkQw+zkGI8EGzOPJhQEv2xk+XBf2VOzj0Fto4nh8X5+Llb1nM+YxQPk1SVlwbNAlhh24L1w2vKtBtMy277MF4EP+caGceYP6gki5+DzlPUSdFSAEFFWgN1WPkiyUii15Xi3QuCMR8F18dbwVUYbT11vwNhdiAXWphrQG+yPguALBGR+21JM6fffOln3BhoDUp2poVc5Qe2EBuUbRUV3/fOU4HwWVKZ7KCFvLZBSVFutXCj5HuNWJ5T3RuuxJSmY5lYuFZx9gD+n+DAEJt30iXWcaJlmUqQB5awcB1S2d9pJ141V4vjiCMKUJHIdspFrI23rFNYD9k2ZXDA8VOnQE33BzmgF9xOVh6qr4G0oEpsNqJoKybVTUeSyl4+ifzdQANouvySgLJV/pcqaxX1srSDIUlcM2vDMWAs3ryCa0aAlmAVZIHgRhh6wa+IXW8gIYt+5biPWUuihJ4zGBEwkyVXXf2xsecMWCAGPWPDL0/fBfY9krNfC5M2sqxey2ShFIq+R/wMdaI7yVjUCF2QIUNiIdFbJL6bDrDyHnEXJJN+rAo23jUoTZZRv7Jq3DB/A5H7a73VCcblZyUmwMSlpg3wos7pdw5Ctta3zQPoxoAKGS1uZ+yTeZbPMmdbw== contact@ingolf-wagner.de" ];
|
||||
|
||||
# This value determines the NixOS release from which the default
|
||||
# settings for stateful data, like file locations and database versions
|
||||
|
@ -58,4 +52,5 @@
|
|||
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
|
||||
system.stateVersion = "22.11"; # Did you read the comment?
|
||||
|
||||
|
||||
}
|
||||
|
|
|
@ -4,7 +4,8 @@ let
|
|||
remote-access = import ../lib/remote-access.nix {
|
||||
|
||||
# cat ~/.ssh/id_rsa.pub
|
||||
publicSshKey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC6uza62+Go9sBFs3XZE2OkugBv9PJ7Yv8ebCskE5WYPcahMZIKkQw+zkGI8EGzOPJhQEv2xk+XBf2VOzj0Fto4nh8X5+Llb1nM+YxQPk1SVlwbNAlhh24L1w2vKtBtMy277MF4EP+caGceYP6gki5+DzlPUSdFSAEFFWgN1WPkiyUii15Xi3QuCMR8F18dbwVUYbT11vwNhdiAXWphrQG+yPguALBGR+21JM6fffOln3BhoDUp2poVc5Qe2EBuUbRUV3/fOU4HwWVKZ7KCFvLZBSVFutXCj5HuNWJ5T3RuuxJSmY5lYuFZx9gD+n+DAEJt30iXWcaJlmUqQB5awcB1S2d9pJ141V4vjiCMKUJHIdspFrI23rFNYD9k2ZXDA8VOnQE33BzmgF9xOVh6qr4G0oEpsNqJoKybVTUeSyl4+ifzdQANouvySgLJV/pcqaxX1srSDIUlcM2vDMWAs3ryCa0aAlmAVZIHgRhh6wa+IXW8gIYt+5biPWUuihJ4zGBEwkyVXXf2xsecMWCAGPWPDL0/fBfY9krNfC5M2sqxey2ShFIq+R/wMdaI7yVjUCF2QIUNiIdFbJL6bDrDyHnEXJJN+rAo23jUoTZZRv7Jq3DB/A5H7a73VCcblZyUmwMSlpg3wos7pdw5Ctta3zQPoxoAKGS1uZ+yTeZbPMmdbw==";
|
||||
publicSshKey =
|
||||
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC6uza62+Go9sBFs3XZE2OkugBv9PJ7Yv8ebCskE5WYPcahMZIKkQw+zkGI8EGzOPJhQEv2xk+XBf2VOzj0Fto4nh8X5+Llb1nM+YxQPk1SVlwbNAlhh24L1w2vKtBtMy277MF4EP+caGceYP6gki5+DzlPUSdFSAEFFWgN1WPkiyUii15Xi3QuCMR8F18dbwVUYbT11vwNhdiAXWphrQG+yPguALBGR+21JM6fffOln3BhoDUp2poVc5Qe2EBuUbRUV3/fOU4HwWVKZ7KCFvLZBSVFutXCj5HuNWJ5T3RuuxJSmY5lYuFZx9gD+n+DAEJt30iXWcaJlmUqQB5awcB1S2d9pJ141V4vjiCMKUJHIdspFrI23rFNYD9k2ZXDA8VOnQE33BzmgF9xOVh6qr4G0oEpsNqJoKybVTUeSyl4+ifzdQANouvySgLJV/pcqaxX1srSDIUlcM2vDMWAs3ryCa0aAlmAVZIHgRhh6wa+IXW8gIYt+5biPWUuihJ4zGBEwkyVXXf2xsecMWCAGPWPDL0/fBfY9krNfC5M2sqxey2ShFIq+R/wMdaI7yVjUCF2QIUNiIdFbJL6bDrDyHnEXJJN+rAo23jUoTZZRv7Jq3DB/A5H7a73VCcblZyUmwMSlpg3wos7pdw5Ctta3zQPoxoAKGS1uZ+yTeZbPMmdbw==";
|
||||
|
||||
# remote-install-get-hiddenReceiver
|
||||
hiddenReceiver = "";
|
||||
|
|
|
@ -1,22 +1,10 @@
|
|||
{
|
||||
pkgs,
|
||||
lib,
|
||||
config,
|
||||
...
|
||||
}:
|
||||
{
|
||||
users.users.mainUser.extraGroups = [
|
||||
"audio"
|
||||
"pipewire"
|
||||
];
|
||||
{ pkgs, lib, config, ... }: {
|
||||
users.users.mainUser.extraGroups = [ "audio" "pipewire" ];
|
||||
|
||||
hardware.pulseaudio = {
|
||||
enable = true;
|
||||
package = pkgs.pulseaudioFull;
|
||||
};
|
||||
|
||||
environment.systemPackages = with pkgs; [
|
||||
alsaUtils
|
||||
pavucontrol
|
||||
];
|
||||
environment.systemPackages = with pkgs; [ alsaUtils pavucontrol ];
|
||||
}
|
||||
|
|
|
@ -1,15 +1,6 @@
|
|||
{
|
||||
pkgs,
|
||||
lib,
|
||||
config,
|
||||
...
|
||||
}:
|
||||
{
|
||||
{ pkgs, lib, config, ... }: {
|
||||
|
||||
imports = [
|
||||
./x11.nix
|
||||
./audio.nix
|
||||
];
|
||||
imports = [ ./x11.nix ./audio.nix ];
|
||||
|
||||
#networking.networkmanager.enable = true;
|
||||
#networking.wireless.enable = false;
|
||||
|
|
|
@ -1,10 +1,4 @@
|
|||
{
|
||||
pkgs,
|
||||
config,
|
||||
lib,
|
||||
...
|
||||
}:
|
||||
{
|
||||
{ pkgs, config, lib, ... }: {
|
||||
|
||||
services.xserver = {
|
||||
enable = true;
|
||||
|
@ -50,11 +44,6 @@
|
|||
|
||||
# Packages
|
||||
# --------
|
||||
environment.systemPackages = with pkgs; [
|
||||
flameshot
|
||||
pavucontrol
|
||||
mumble
|
||||
vlc
|
||||
];
|
||||
environment.systemPackages = with pkgs; [ flameshot pavucontrol mumble vlc ];
|
||||
|
||||
}
|
||||
|
|
|
@ -1,19 +1,17 @@
|
|||
{
|
||||
config,
|
||||
lib,
|
||||
pkgs,
|
||||
...
|
||||
}:
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
{
|
||||
|
||||
imports = [
|
||||
|
||||
imports =
|
||||
[
|
||||
# Include the results of the hardware scan.
|
||||
./hardware-configuration.nix
|
||||
];
|
||||
|
||||
networking.hostName = "nixos";
|
||||
|
||||
|
||||
# grub configuraton
|
||||
# -----------------
|
||||
boot.loader.grub.enable = true;
|
||||
|
@ -43,9 +41,7 @@
|
|||
|
||||
services.openssh.enable = true;
|
||||
|
||||
users.users.root.openssh.authorizedKeys.keys = [
|
||||
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC6uza62+Go9sBFs3XZE2OkugBv9PJ7Yv8ebCskE5WYPcahMZIKkQw+zkGI8EGzOPJhQEv2xk+XBf2VOzj0Fto4nh8X5+Llb1nM+YxQPk1SVlwbNAlhh24L1w2vKtBtMy277MF4EP+caGceYP6gki5+DzlPUSdFSAEFFWgN1WPkiyUii15Xi3QuCMR8F18dbwVUYbT11vwNhdiAXWphrQG+yPguALBGR+21JM6fffOln3BhoDUp2poVc5Qe2EBuUbRUV3/fOU4HwWVKZ7KCFvLZBSVFutXCj5HuNWJ5T3RuuxJSmY5lYuFZx9gD+n+DAEJt30iXWcaJlmUqQB5awcB1S2d9pJ141V4vjiCMKUJHIdspFrI23rFNYD9k2ZXDA8VOnQE33BzmgF9xOVh6qr4G0oEpsNqJoKybVTUeSyl4+ifzdQANouvySgLJV/pcqaxX1srSDIUlcM2vDMWAs3ryCa0aAlmAVZIHgRhh6wa+IXW8gIYt+5biPWUuihJ4zGBEwkyVXXf2xsecMWCAGPWPDL0/fBfY9krNfC5M2sqxey2ShFIq+R/wMdaI7yVjUCF2QIUNiIdFbJL6bDrDyHnEXJJN+rAo23jUoTZZRv7Jq3DB/A5H7a73VCcblZyUmwMSlpg3wos7pdw5Ctta3zQPoxoAKGS1uZ+yTeZbPMmdbw== contact@ingolf-wagner.de"
|
||||
];
|
||||
users.users.root.openssh.authorizedKeys.keys = [ "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC6uza62+Go9sBFs3XZE2OkugBv9PJ7Yv8ebCskE5WYPcahMZIKkQw+zkGI8EGzOPJhQEv2xk+XBf2VOzj0Fto4nh8X5+Llb1nM+YxQPk1SVlwbNAlhh24L1w2vKtBtMy277MF4EP+caGceYP6gki5+DzlPUSdFSAEFFWgN1WPkiyUii15Xi3QuCMR8F18dbwVUYbT11vwNhdiAXWphrQG+yPguALBGR+21JM6fffOln3BhoDUp2poVc5Qe2EBuUbRUV3/fOU4HwWVKZ7KCFvLZBSVFutXCj5HuNWJ5T3RuuxJSmY5lYuFZx9gD+n+DAEJt30iXWcaJlmUqQB5awcB1S2d9pJ141V4vjiCMKUJHIdspFrI23rFNYD9k2ZXDA8VOnQE33BzmgF9xOVh6qr4G0oEpsNqJoKybVTUeSyl4+ifzdQANouvySgLJV/pcqaxX1srSDIUlcM2vDMWAs3ryCa0aAlmAVZIHgRhh6wa+IXW8gIYt+5biPWUuihJ4zGBEwkyVXXf2xsecMWCAGPWPDL0/fBfY9krNfC5M2sqxey2ShFIq+R/wMdaI7yVjUCF2QIUNiIdFbJL6bDrDyHnEXJJN+rAo23jUoTZZRv7Jq3DB/A5H7a73VCcblZyUmwMSlpg3wos7pdw5Ctta3zQPoxoAKGS1uZ+yTeZbPMmdbw== contact@ingolf-wagner.de" ];
|
||||
|
||||
# This value determines the NixOS release from which the default
|
||||
# settings for stateful data, like file locations and database versions
|
||||
|
@ -55,4 +51,5 @@
|
|||
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
|
||||
system.stateVersion = "22.11"; # Did you read the comment?
|
||||
|
||||
|
||||
}
|
||||
|
|
|
@ -8,7 +8,8 @@ let
|
|||
plainTextPassword = "";
|
||||
};
|
||||
remote-access = import ../lib/remote-access.nix {
|
||||
publicSshKey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC6uza62+Go9sBFs3XZE2OkugBv9PJ7Yv8ebCskE5WYPcahMZIKkQw+zkGI8EGzOPJhQEv2xk+XBf2VOzj0Fto4nh8X5+Llb1nM+YxQPk1SVlwbNAlhh24L1w2vKtBtMy277MF4EP+caGceYP6gki5+DzlPUSdFSAEFFWgN1WPkiyUii15Xi3QuCMR8F18dbwVUYbT11vwNhdiAXWphrQG+yPguALBGR+21JM6fffOln3BhoDUp2poVc5Qe2EBuUbRUV3/fOU4HwWVKZ7KCFvLZBSVFutXCj5HuNWJ5T3RuuxJSmY5lYuFZx9gD+n+DAEJt30iXWcaJlmUqQB5awcB1S2d9pJ141V4vjiCMKUJHIdspFrI23rFNYD9k2ZXDA8VOnQE33BzmgF9xOVh6qr4G0oEpsNqJoKybVTUeSyl4+ifzdQANouvySgLJV/pcqaxX1srSDIUlcM2vDMWAs3ryCa0aAlmAVZIHgRhh6wa+IXW8gIYt+5biPWUuihJ4zGBEwkyVXXf2xsecMWCAGPWPDL0/fBfY9krNfC5M2sqxey2ShFIq+R/wMdaI7yVjUCF2QIUNiIdFbJL6bDrDyHnEXJJN+rAo23jUoTZZRv7Jq3DB/A5H7a73VCcblZyUmwMSlpg3wos7pdw5Ctta3zQPoxoAKGS1uZ+yTeZbPMmdbw==";
|
||||
publicSshKey =
|
||||
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC6uza62+Go9sBFs3XZE2OkugBv9PJ7Yv8ebCskE5WYPcahMZIKkQw+zkGI8EGzOPJhQEv2xk+XBf2VOzj0Fto4nh8X5+Llb1nM+YxQPk1SVlwbNAlhh24L1w2vKtBtMy277MF4EP+caGceYP6gki5+DzlPUSdFSAEFFWgN1WPkiyUii15Xi3QuCMR8F18dbwVUYbT11vwNhdiAXWphrQG+yPguALBGR+21JM6fffOln3BhoDUp2poVc5Qe2EBuUbRUV3/fOU4HwWVKZ7KCFvLZBSVFutXCj5HuNWJ5T3RuuxJSmY5lYuFZx9gD+n+DAEJt30iXWcaJlmUqQB5awcB1S2d9pJ141V4vjiCMKUJHIdspFrI23rFNYD9k2ZXDA8VOnQE33BzmgF9xOVh6qr4G0oEpsNqJoKybVTUeSyl4+ifzdQANouvySgLJV/pcqaxX1srSDIUlcM2vDMWAs3ryCa0aAlmAVZIHgRhh6wa+IXW8gIYt+5biPWUuihJ4zGBEwkyVXXf2xsecMWCAGPWPDL0/fBfY9krNfC5M2sqxey2ShFIq+R/wMdaI7yVjUCF2QIUNiIdFbJL6bDrDyHnEXJJN+rAo23jUoTZZRv7Jq3DB/A5H7a73VCcblZyUmwMSlpg3wos7pdw5Ctta3zQPoxoAKGS1uZ+yTeZbPMmdbw==";
|
||||
hiddenReceiver = "";
|
||||
};
|
||||
in
|
||||
|
@ -16,10 +17,7 @@ in
|
|||
|
||||
imports = [ remote-access ];
|
||||
|
||||
environment.systemPackages = [
|
||||
pkgs.chntpw
|
||||
pkgs.ntfs3g
|
||||
];
|
||||
environment.systemPackages = [ pkgs.chntpw pkgs.ntfs3g ];
|
||||
|
||||
networking.dhcpcd.enable = true;
|
||||
networking.wireless = {
|
||||
|
|
|
@ -12,7 +12,8 @@ let
|
|||
sha256 = "0rzy06a5xgfjpaklxdgrxml24d0vhk78lb577l3z4x7a2p32dbyq";
|
||||
};
|
||||
buildInputs = [ pkgs.pandoc ];
|
||||
installPhase = "pandoc --highlight-style pygments -s --toc README.md -o $out";
|
||||
installPhase =
|
||||
"pandoc --highlight-style pygments -s --toc README.md -o $out";
|
||||
};
|
||||
in
|
||||
{
|
||||
|
|
|
@ -3,14 +3,17 @@ let
|
|||
|
||||
allMachineNames = lib.mapAttrsToList (name: _: name) (builtins.readDir machineDir);
|
||||
|
||||
getFactPath = fact: machine: "${machineDir}/${machine}/facts/${fact}";
|
||||
getFactPath = fact: machine:
|
||||
"${machineDir}/${machine}/facts/${fact}";
|
||||
|
||||
readFact =
|
||||
fact: machine:
|
||||
readFact = fact: machine:
|
||||
let
|
||||
path = getFactPath fact machine;
|
||||
in
|
||||
if builtins.pathExists path then builtins.readFile path else null;
|
||||
if builtins.pathExists path then
|
||||
builtins.readFile path
|
||||
else
|
||||
null;
|
||||
|
||||
# Example:
|
||||
#
|
||||
|
@ -19,8 +22,7 @@ let
|
|||
# machineA = "1.2.3.4";
|
||||
# machineB = "5.6.7.8";
|
||||
# };
|
||||
readFactFromAllMachines =
|
||||
fact:
|
||||
readFactFromAllMachines = fact:
|
||||
let
|
||||
machines = allMachineNames;
|
||||
facts = lib.genAttrs machines (readFact fact);
|
||||
|
@ -45,27 +47,18 @@ let
|
|||
# "synching.pub" = "23456719";
|
||||
# };
|
||||
# };
|
||||
readFactsFromAllMachines =
|
||||
facts:
|
||||
readFactsFromAllMachines = facts:
|
||||
let
|
||||
# machine -> fact -> factvalue
|
||||
machinesFactsAttrs = lib.genAttrs allMachineNames (
|
||||
machine: lib.genAttrs facts (fact: readFact fact machine)
|
||||
);
|
||||
machinesFactsAttrs = lib.genAttrs allMachineNames (machine: lib.genAttrs facts (fact: readFact fact machine));
|
||||
# remove all machines which don't have all facts set
|
||||
filteredMachineFactAttrs = lib.filterAttrs (
|
||||
_machine: values: builtins.all (fact: values.${fact} != null) facts
|
||||
) machinesFactsAttrs;
|
||||
filteredMachineFactAttrs =
|
||||
lib.filterAttrs (_machine: values: builtins.all (fact: values.${fact} != null) facts)
|
||||
machinesFactsAttrs;
|
||||
in
|
||||
filteredMachineFactAttrs;
|
||||
|
||||
|
||||
|
||||
in
|
||||
{
|
||||
inherit
|
||||
allMachineNames
|
||||
getFactPath
|
||||
readFact
|
||||
readFactFromAllMachines
|
||||
readFactsFromAllMachines
|
||||
;
|
||||
}
|
||||
{ inherit allMachineNames getFactPath readFact readFactFromAllMachines readFactsFromAllMachines; }
|
||||
|
|
|
@ -1,9 +1,4 @@
|
|||
{
|
||||
config,
|
||||
lib,
|
||||
pkgs,
|
||||
...
|
||||
}:
|
||||
{ config, lib, pkgs, ... }:
|
||||
let
|
||||
interface = "wlp170s0";
|
||||
in
|
||||
|
|
|
@ -1,9 +1,4 @@
|
|||
{
|
||||
config,
|
||||
pkgs,
|
||||
lib,
|
||||
...
|
||||
}:
|
||||
{ config, pkgs, lib, ... }:
|
||||
{
|
||||
|
||||
imports = [
|
||||
|
@ -42,6 +37,7 @@
|
|||
# (promptKey "pushover.user_key") //
|
||||
# (promptKey "pushover.api_key");
|
||||
|
||||
|
||||
components.virtualisation.enable = true;
|
||||
|
||||
components.gui.enable = true;
|
||||
|
@ -56,13 +52,11 @@
|
|||
components.monitor.opentelemetry.exporter.endpoint = "10.100.0.1:4317"; # orbi
|
||||
#components.monitor.opentelemetry.exporter.debug = "logs";
|
||||
|
||||
|
||||
home-manager.users.mainUser.home.sessionPath = [ "$HOME/.timewarrior/scripts" ];
|
||||
home-manager.users.mainUser.bugwarrior.config = {
|
||||
general = {
|
||||
targets = [
|
||||
"terranix"
|
||||
"my_github"
|
||||
];
|
||||
targets = [ "terranix" "my_github" ];
|
||||
log_level = "INFO";
|
||||
static_fields = [ "priority" ];
|
||||
merge_annotations = false;
|
||||
|
@ -90,15 +84,12 @@
|
|||
add_tags = "github";
|
||||
include_user_issues = true;
|
||||
include_user_repos = true;
|
||||
exclude_repos = [
|
||||
"azubi"
|
||||
"csv-to-qif"
|
||||
"stepp0r"
|
||||
];
|
||||
exclude_repos = [ "azubi" "csv-to-qif" "stepp0r" ];
|
||||
};
|
||||
# todo : add github issues
|
||||
};
|
||||
|
||||
|
||||
users.users.mainUser.extraGroups = [ "pipewire" ];
|
||||
|
||||
services.nginx.enable = true;
|
||||
|
|
|
@ -1,9 +1,4 @@
|
|||
{
|
||||
lib,
|
||||
config,
|
||||
factsGenerator,
|
||||
...
|
||||
}:
|
||||
{ lib, config, factsGenerator, ... }:
|
||||
{
|
||||
imports = [
|
||||
./disko-config.nix
|
||||
|
@ -29,4 +24,6 @@
|
|||
ACTION=="add|change", KERNEL=="sd[a-z]*[0-9]*|mmcblk[0-9]*p[0-9]*|nvme[0-9]*n[0-9]*p[0-9]*", ENV{ID_FS_TYPE}=="zfs_member", ATTR{../queue/scheduler}="none"
|
||||
'';
|
||||
|
||||
|
||||
|
||||
}
|
||||
|
|
|
@ -70,3 +70,4 @@
|
|||
|
||||
};
|
||||
}
|
||||
|
||||
|
|
|
@ -14,8 +14,6 @@
|
|||
hardware.graphics.enable32Bit = true;
|
||||
hardware.graphics.extraPackages32 = with pkgs.pkgsi686Linux; [ intel-vaapi-driver ];
|
||||
|
||||
environment.sessionVariables = {
|
||||
LIBVA_DRIVER_NAME = "i965";
|
||||
}; # Optionally, set the environment variable
|
||||
environment.sessionVariables = { LIBVA_DRIVER_NAME = "i965"; }; # Optionally, set the environment variable
|
||||
|
||||
}
|
||||
|
|
|
@ -1,26 +1,15 @@
|
|||
# Do not modify this file! It was generated by ‘nixos-generate-config’
|
||||
# and may be overwritten by future invocations. Please make changes
|
||||
# to /etc/nixos/configuration.nix instead.
|
||||
{
|
||||
config,
|
||||
lib,
|
||||
pkgs,
|
||||
modulesPath,
|
||||
...
|
||||
}:
|
||||
{ config, lib, pkgs, modulesPath, ... }:
|
||||
|
||||
{
|
||||
imports = [
|
||||
imports =
|
||||
[
|
||||
(modulesPath + "/installer/scan/not-detected.nix")
|
||||
];
|
||||
|
||||
boot.initrd.availableKernelModules = [
|
||||
"xhci_pci"
|
||||
"thunderbolt"
|
||||
"nvme"
|
||||
"usb_storage"
|
||||
"sd_mod"
|
||||
];
|
||||
boot.initrd.availableKernelModules = [ "xhci_pci" "thunderbolt" "nvme" "usb_storage" "sd_mod" ];
|
||||
boot.initrd.kernelModules = [ ];
|
||||
boot.kernelModules = [ "kvm-intel" ];
|
||||
boot.extraModulePackages = [ ];
|
||||
|
|
|
@ -7,10 +7,8 @@
|
|||
networking.retiolum.nodename = "cherry";
|
||||
|
||||
services.tinc.networks.retiolum = {
|
||||
ed25519PrivateKeyFile =
|
||||
config.clan.core.facts.services.tinc_retiolum.secret."tinc.retiolum.ed25519_key.priv".path;
|
||||
rsaPrivateKeyFile =
|
||||
config.clan.core.facts.services.tinc_retiolum.secret."tinc.retiolum.rsa_key.priv".path;
|
||||
ed25519PrivateKeyFile = config.clan.core.facts.services.tinc_retiolum.secret."tinc.retiolum.ed25519_key.priv".path;
|
||||
rsaPrivateKeyFile = config.clan.core.facts.services.tinc_retiolum.secret."tinc.retiolum.rsa_key.priv".path;
|
||||
};
|
||||
|
||||
#fileSystems."/retiolum/sicily" = {
|
||||
|
|
|
@ -1,9 +1,4 @@
|
|||
{
|
||||
config,
|
||||
factsGenerator,
|
||||
clanLib,
|
||||
...
|
||||
}:
|
||||
{ config, factsGenerator, clanLib, ... }:
|
||||
{
|
||||
networking.firewall.allowedUDPPorts = [ 51820 ];
|
||||
clan.core.facts.services.wireguard = factsGenerator.wireguard { name = "wg0"; };
|
||||
|
|
|
@ -14,14 +14,10 @@
|
|||
};
|
||||
home-manager.users.root.home.packages = [
|
||||
(pkgs.writers.writeBashBin "wg1-up" ''
|
||||
${pkgs.wireguard-tools}/bin/wg-quick up ${
|
||||
config.clan.core.facts.services.wg1.secret."wg1.conf".path
|
||||
}
|
||||
${pkgs.wireguard-tools}/bin/wg-quick up ${config.clan.core.facts.services.wg1.secret."wg1.conf".path}
|
||||
'')
|
||||
(pkgs.writers.writeBashBin "wg1-down" ''
|
||||
${pkgs.wireguard-tools}/bin/wg-quick down ${
|
||||
config.clan.core.facts.services.wg1.secret."wg1.conf".path
|
||||
}
|
||||
${pkgs.wireguard-tools}/bin/wg-quick down ${config.clan.core.facts.services.wg1.secret."wg1.conf".path}
|
||||
'')
|
||||
];
|
||||
}
|
||||
|
|
Some files were not shown because too many files have changed in this diff Show more
Loading…
Reference in a new issue