flake.nix

@@ -142,7 +142,7 @@
             inherit (pkgs) lib;
             machineDir = ./machines;
           };
-          zerotierInterface = "ztbn67ogn2";
+          zerotierDeviceName = "ztbn67ogn2";
           components = ./components;
           features = ./features;
         };

homes/palo/default.nix

@@ -6,6 +6,7 @@
     ./git.nix
     ./gpg.nix
     ./gui
+    #./hyperland.nix
     ./i3.nix
     ./packages
     ./ssh.nix

homes/palo/doom-emacs.nix

@@ -0,0 +1,40 @@
+{
+  config,
+  pkgs,
+  lib,
+  ...
+}:
+with lib;
+{
+  config = mkMerge [
+    {
+      home.packages = [ pkgs.ripgrep ];
+    }
+    (mkIf config.gui.enable {
+      programs.doom-emacs = {
+        enable = lib.mkDefault true;
+        doomPrivateDir = ./doom.d;
+        extraConfig = ''
+          ;; "monospace" means use the system default. However, the default is usually two
+          ;; points larger than I'd like, so I specify size 12 here.
+          (setq doom-font
+            (font-spec :family "Jetbrains Mono" :size ${toString 12} :weight 'light))
+          ;;(setq doom-font
+          ;; (font-spec :family "Terminus" :size ${toString 12} :weight 'light))
+        '';
+        #emacsPackagesOverlay = self: super: {
+        #  # fixes https://github.com/vlaci/nix-doom-emacs/issues/394
+        #  gitignore-mode = pkgs.emacsPackages.git-modes;
+        #  gitconfig-mode = pkgs.emacsPackages.git-modes;
+        #};
+      };
+    })
+    (mkIf (!config.gui.enable) {
+      programs.doom-emacs = {
+        enable = lib.mkDefault true;
+        doomPrivateDir = ./doom.d;
+        package = pkgs.emacs-nox;
+      };
+    })
+  ];
+}

homes/palo/doom.d/config.el

@@ -0,0 +1,4 @@
+;; configure theme
+(setq doom-theme 'doom-solarized-light)
+
+

homes/palo/doom.d/init.el

@@ -0,0 +1,187 @@
+;;; init.el -*- lexical-binding: t; -*-
+
+;; This file controls what Doom modules are enabled and what order they load
+;; in. Remember to run 'doom sync' after modifying it!
+
+;; NOTE Press 'SPC h d h' (or 'C-h d h' for non-vim users) to access Doom's
+;;      documentation. There you'll find a "Module Index" link where you'll find
+;;      a comprehensive list of Doom's modules and what flags they support.
+
+;; NOTE Move your cursor over a module's name (or its flags) and press 'K' (or
+;;      'C-c c k' for non-vim users) to view its documentation. This works on
+;;      flags as well (those symbols that start with a plus).
+;;
+;;      Alternatively, press 'gd' (or 'C-c c d') on a module to browse its
+;;      directory (for easy access to its source code).
+
+(doom! :input
+       ;;chinese
+       ;;japanese
+       ;;layout            ; auie,ctsrnm is the superior home row
+
+       :completion
+       company           ; the ultimate code completion backend
+       ;;helm              ; the *other* search engine for love and life
+       ;;ido               ; the other *other* search engine...
+       ivy               ; a search engine for love and life
+
+       :ui
+       ;;deft              ; notational velocity for Emacs
+       doom              ; what makes DOOM look the way it does
+       doom-dashboard    ; a nifty splash screen for Emacs
+       doom-quit         ; DOOM quit-message prompts when you quit Emacs
+       ;;(emoji +unicode)  ; 🙂
+       hl-todo           ; highlight TODO/FIXME/NOTE/DEPRECATED/HACK/REVIEW
+       ;;hydra
+       ;;indent-guides     ; highlighted indent columns
+       ;;ligatures         ; ligatures and symbols to make your code pretty again
+       ;;minimap           ; show a map of the code on the side
+       modeline          ; snazzy, Atom-inspired modeline, plus API
+       ;;nav-flash         ; blink cursor line after big motions
+       ;;neotree           ; a project drawer, like NERDTree for vim
+       ophints           ; highlight the region an operation acts on
+       (popup +defaults)   ; tame sudden yet inevitable temporary windows
+       ;;tabs              ; a tab bar for Emacs
+       ;;treemacs          ; a project drawer, like neotree but cooler
+       ;;unicode           ; extended unicode support for various languages
+       vc-gutter         ; vcs diff in the fringe
+       vi-tilde-fringe   ; fringe tildes to mark beyond EOB
+       ;;window-select     ; visually switch windows
+       workspaces        ; tab emulation, persistence & separate workspaces
+       ;;zen               ; distraction-free coding or writing
+
+       :editor
+       (evil +everywhere); come to the dark side, we have cookies
+       file-templates    ; auto-snippets for empty files
+       fold              ; (nigh) universal code folding
+       ;;(format +onsave)  ; automated prettiness
+       ;;god               ; run Emacs commands without modifier keys
+       ;;lispy             ; vim for lisp, for people who don't like vim
+       ;;multiple-cursors  ; editing in many places at once
+       ;;objed             ; text object editing for the innocent
+       ;;parinfer          ; turn lisp into python, sort of
+       ;;rotate-text       ; cycle region at point between text candidates
+       snippets          ; my elves. They type so I don't have to
+       ;;word-wrap         ; soft wrapping with language-aware indent
+
+       :emacs
+       dired             ; making dired pretty [functional]
+       electric          ; smarter, keyword-based electric-indent
+       ;;ibuffer         ; interactive buffer management
+       undo              ; persistent, smarter undo for your inevitable mistakes
+       vc                ; version-control and Emacs, sitting in a tree
+
+       :term
+       ;;eshell            ; the elisp shell that works everywhere
+       ;;shell             ; simple shell REPL for Emacs
+       ;;term              ; basic terminal emulator for Emacs
+       ;;vterm             ; the best terminal emulation in Emacs
+
+       :checkers
+       syntax              ; tasing you for every semicolon you forget
+       ;;(spell +flyspell) ; tasing you for misspelling mispelling
+       ;;grammar           ; tasing grammar mistake every you make
+
+       :tools
+       ;;ansible
+       ;;debugger          ; FIXME stepping through code, to help you add bugs
+       ;;direnv
+       ;;docker
+       ;;editorconfig      ; let someone else argue about tabs vs spaces
+       ;;ein               ; tame Jupyter notebooks with emacs
+       (eval +overlay)     ; run code, run (also, repls)
+       ;;gist              ; interacting with github gists
+       lookup              ; navigate your code and its documentation
+       ;;lsp               ; M-x vscode
+       magit             ; a git porcelain for Emacs
+       ;;make              ; run make tasks from Emacs
+       ;;pass              ; password manager for nerds
+       ;;pdf               ; pdf enhancements
+       ;;prodigy           ; FIXME managing external services & code builders
+       ;;rgb               ; creating color strings
+       ;;taskrunner        ; taskrunner for all your projects
+       ;;terraform         ; infrastructure as code
+       ;;tmux              ; an API for interacting with tmux
+       ;;upload            ; map local to remote projects via ssh/ftp
+
+       :os
+       (:if IS-MAC macos)  ; improve compatibility with macOS
+       ;;tty               ; improve the terminal Emacs experience
+
+       :lang
+       ;;agda              ; types of types of types of types...
+       ;;beancount         ; mind the GAAP
+       ;;cc                ; C > C++ == 1
+       ;;clojure           ; java with a lisp
+       ;;common-lisp       ; if you've seen one lisp, you've seen them all
+       ;;coq               ; proofs-as-programs
+       ;;crystal           ; ruby at the speed of c
+       ;;csharp            ; unity, .NET, and mono shenanigans
+       ;;data              ; config/data formats
+       ;;(dart +flutter)   ; paint ui and not much else
+       ;;elixir            ; erlang done right
+       ;;elm               ; care for a cup of TEA?
+       emacs-lisp        ; drown in parentheses
+       ;;erlang            ; an elegant language for a more civilized age
+       ;;ess               ; emacs speaks statistics
+       ;;factor
+       ;;faust             ; dsp, but you get to keep your soul
+       ;;fsharp            ; ML stands for Microsoft's Language
+       ;;fstar             ; (dependent) types and (monadic) effects and Z3
+       ;;gdscript          ; the language you waited for
+       ;;(go +lsp)         ; the hipster dialect
+       ;;(haskell +dante)  ; a language that's lazier than I am
+       ;;hy                ; readability of scheme w/ speed of python
+       ;;idris             ; a language you can depend on
+       ;;json              ; At least it ain't XML
+       ;;(java +meghanada) ; the poster child for carpal tunnel syndrome
+       ;;javascript        ; all(hope(abandon(ye(who(enter(here))))))
+       ;;julia             ; a better, faster MATLAB
+       ;;kotlin            ; a better, slicker Java(Script)
+       ;;latex             ; writing papers in Emacs has never been so fun
+       ;;lean              ; for folks with too much to prove
+       ;;ledger            ; be audit you can be
+       ;;lua               ; one-based indices? one-based indices
+       markdown            ; writing docs for people to ignore
+       ;;nim               ; python + lisp at the speed of c
+       nix                 ; I hereby declare "nix geht mehr!"
+       ;;ocaml             ; an objective camel
+       (org +roam2)        ; organize your plain life in plain text
+       ;;php               ; perl's insecure younger brother
+       ;;plantuml          ; diagrams for confusing people more
+       ;;purescript        ; javascript, but functional
+       ;;python            ; beautiful is better than ugly
+       ;;qt                ; the 'cutest' gui framework ever
+       ;;racket            ; a DSL for DSLs
+       ;;raku              ; the artist formerly known as perl6
+       ;;rest              ; Emacs as a REST client
+       ;;rst               ; ReST in peace
+       ;;(ruby +rails)     ; 1.step {|i| p "Ruby is #{i.even? ? 'love' : 'life'}"}
+       ;;rust              ; Fe2O3.unwrap().unwrap().unwrap().unwrap()
+       ;;scala             ; java, but good
+       ;;(scheme +guile)   ; a fully conniving family of lisps
+       sh                ; she sells {ba,z,fi}sh shells on the C xor
+       ;;sml
+       ;;solidity          ; do you need a blockchain? No.
+       ;;swift             ; who asked for emoji variables?
+       ;;terra             ; Earth and Moon in alignment for performance.
+       ;;web               ; the tubes
+       ;;yaml              ; JSON, but readable
+       ;;zig               ; C, but simpler
+
+       :email
+       ;;(mu4e +gmail)
+       ;;notmuch
+       ;;(wanderlust +gmail)
+
+       :app
+       ;;calendar
+       ;;emms
+       ;;everywhere        ; *leave* Emacs!? You must be joking
+       ;;irc               ; how neckbeards socialize
+       ;;(rss +org)        ; emacs as an RSS reader
+       ;;twitter           ; twitter client https://twitter.com/vnought
+
+       :config
+       ;;literate
+       (default +bindings +smartparens))

homes/palo/hyperland.nix

@@ -0,0 +1,160 @@
+{ pkgs, ... }:
+{
+
+  home.file.".config/hypr/hyperland.conf".text = ''
+    autogenerated = 1 # remove this line to remove the warning
+    # See https://wiki.hyprland.org/Configuring/Monitors/
+    monitor=,preferred,auto,auto
+
+    # Some default env vars.
+    env = XCURSOR_SIZE,24
+
+    # For all categories, see https://wiki.hyprland.org/Configuring/Variables/
+    input {
+        kb_layout = us
+        kb_variant =
+        kb_model =
+        kb_options =
+        kb_rules =
+
+        follow_mouse = 1
+
+        touchpad {
+            natural_scroll = no
+        }
+
+        sensitivity = 0 # -1.0 - 1.0, 0 means no modification.
+    }
+
+    general {
+        # See https://wiki.hyprland.org/Configuring/Variables/ for more
+
+        gaps_in = 5
+        gaps_out = 20
+        border_size = 2
+        col.active_border = rgba(33ccffee) rgba(00ff99ee) 45deg
+        col.inactive_border = rgba(595959aa)
+
+        layout = dwindle
+
+        # Please see https://wiki.hyprland.org/Configuring/Tearing/ before you turn this on
+        allow_tearing = false
+    }
+
+    decoration {
+        # See https://wiki.hyprland.org/Configuring/Variables/ for more
+
+        rounding = 10
+
+        blur {
+            enabled = true
+            size = 3
+            passes = 1
+        }
+
+        drop_shadow = yes
+        shadow_range = 4
+        shadow_render_power = 3
+        col.shadow = rgba(1a1a1aee)
+    }
+
+    animations {
+        enabled = yes
+
+        # Some default animations, see https://wiki.hyprland.org/Configuring/Animations/ for more
+
+        bezier = myBezier, 0.05, 0.9, 0.1, 1.05
+
+        animation = windows, 1, 7, myBezier
+        animation = windowsOut, 1, 7, default, popin 80%
+        animation = border, 1, 10, default
+        animation = borderangle, 1, 8, default
+        animation = fade, 1, 7, default
+        animation = workspaces, 1, 6, default
+    }
+
+    dwindle {
+        # See https://wiki.hyprland.org/Configuring/Dwindle-Layout/ for more
+        pseudotile = yes # master switch for pseudotiling. Enabling is bound to mainMod + P in the keybinds section below
+        preserve_split = yes # you probably want this
+    }
+
+    master {
+        # See https://wiki.hyprland.org/Configuring/Master-Layout/ for more
+        new_is_master = true
+    }
+
+    gestures {
+        # See https://wiki.hyprland.org/Configuring/Variables/ for more
+        workspace_swipe = off
+    }
+
+    misc {
+        # See https://wiki.hyprland.org/Configuring/Variables/ for more
+        force_default_wallpaper = -1 # Set to 0 to disable the anime mascot wallpapers
+    }
+
+    # Example per-device config
+    # See https://wiki.hyprland.org/Configuring/Keywords/#executing for more
+    device:epic-mouse-v1 {
+        sensitivity = -0.5
+    }
+
+    # See https://wiki.hyprland.org/Configuring/Keywords/ for more
+    $mainMod = SUPER
+
+    # Example binds, see https://wiki.hyprland.org/Configuring/Binds/ for more
+    bind = $mainMod, enter, exec, alacritty
+    bind = $mainMod, C, killactive,
+    bind = $mainMod, Q, exit,
+    bind = $mainMod, E, exec, dolphin
+    bind = $mainMod, V, togglefloating,
+    bind = $mainMod, R, exec, wofi --show drun
+    bind = $mainMod, P, pseudo, # dwindle
+    bind = $mainMod, J, togglesplit, # dwindle
+
+    # Move focus with mainMod + arrow keys
+    bind = $mainMod, left, movefocus, l
+    bind = $mainMod, right, movefocus, r
+    bind = $mainMod, up, movefocus, u
+    bind = $mainMod, down, movefocus, d
+
+    # Switch workspaces with mainMod + [0-9]
+    bind = $mainMod, 1, workspace, 1
+    bind = $mainMod, 2, workspace, 2
+    bind = $mainMod, 3, workspace, 3
+    bind = $mainMod, 4, workspace, 4
+    bind = $mainMod, 5, workspace, 5
+    bind = $mainMod, 6, workspace, 6
+    bind = $mainMod, 7, workspace, 7
+    bind = $mainMod, 8, workspace, 8
+    bind = $mainMod, 9, workspace, 9
+    bind = $mainMod, 0, workspace, 10
+
+    # Move active window to a workspace with mainMod + SHIFT + [0-9]
+    bind = $mainMod SHIFT, 1, movetoworkspace, 1
+    bind = $mainMod SHIFT, 2, movetoworkspace, 2
+    bind = $mainMod SHIFT, 3, movetoworkspace, 3
+    bind = $mainMod SHIFT, 4, movetoworkspace, 4
+    bind = $mainMod SHIFT, 5, movetoworkspace, 5
+    bind = $mainMod SHIFT, 6, movetoworkspace, 6
+    bind = $mainMod SHIFT, 7, movetoworkspace, 7
+    bind = $mainMod SHIFT, 8, movetoworkspace, 8
+    bind = $mainMod SHIFT, 9, movetoworkspace, 9
+    bind = $mainMod SHIFT, 0, movetoworkspace, 10
+
+    # Example special workspace (scratchpad)
+    bind = $mainMod, S, togglespecialworkspace, magic
+    bind = $mainMod SHIFT, S, movetoworkspace, special:magic
+
+    # Scroll through existing workspaces with mainMod + scroll
+    bind = $mainMod, mouse_down, workspace, e+1
+    bind = $mainMod, mouse_up, workspace, e-1
+
+    # Move/resize windows with mainMod + LMB/RMB and dragging
+    bindm = $mainMod, mouse:272, movewindow
+    bindm = $mainMod, mouse:273, resizewindow
+
+  '';
+
+}

homes/palo/taskwarrior.nix

@@ -42,10 +42,7 @@ let
         valueType;
     };
 
-  #taskwarrior-tui = pkgs.legacy_2311.taskwarrior-tui;
-  taskwarrior-tui = pkgs.taskwarrior-tui;
-
-  taskwarrior = pkgs.taskwarrior3;
+  taskwarrior-tui = pkgs.legacy_2311.taskwarrior-tui;
 
 in
 
@@ -90,28 +87,28 @@ in
 
   config = mkIf config.gui.enable {
 
-    home.packages = [
+    home.packages = with pkgs; [
 
       taskwarrior
       taskwarrior-tui
 
-      pkgs.timewarrior
-      pkgs.tasksh
-      pkgs.taskwarrior-hooks
-      (pkgs.writeShellScriptBin "tsak" ''${taskwarrior}/bin/task "$@"'')
+      timewarrior
+      tasksh
+      taskwarrior-hooks
+      (pkgs.writeShellScriptBin "tsak" ''${pkgs.taskwarrior}/bin/task "$@"'')
 
-      pkgs.vit
+      vit
       (pkgs.writers.writeBashBin "active" "${taskwarrior-tui}/bin/taskwarrior-tui -r active")
       (pkgs.writers.writeBashBin "todo" "${taskwarrior-tui}/bin/taskwarrior-tui -r todo")
 
       (pkgs.writers.writeBashBin "calendar" ''
-        ${taskwarrior}/bin/task calendar
-        ${taskwarrior}/bin/task calendar_report
+        ${pkgs.taskwarrior}/bin/task calendar
+        ${pkgs.taskwarrior}/bin/task calendar_report
       '')
 
       # todo : belongs to calendar.nix
-      pkgs.vdirsyncer
-      pkgs.khal
+      vdirsyncer
+      khal
       (pkgs.writers.writeBashBin "kalendar" ''
         ${pkgs.vdirsyncer}/bin/vdirsyncer sync
         ${pkgs.khal}/bin/ikhal

machines/chungus/sync-syncoid.nix

@@ -25,37 +25,32 @@ in
     # local
     commands.service2 = {
       source = "zroot/services2";
-      target = "zraid/mirror/services2"; # should NOT be created up front!
+      target = "zraid/mirror/services2"; # should not be created up front!
     };
     commands.paperless = {
       source = "zroot/paperless";
-      target = "zraid/mirror/paperless"; # should NOT be created up front!
+      target = "zraid/mirror/paperless"; # should not be created up front!
     };
     commands.postgresql = {
       source = "zroot/postgresql";
-      target = "zraid/mirror/postgresql"; # should NOT be created up front!
+      target = "zraid/mirror/postgresql"; # should not be created up front!
     };
 
     # remote
     commands.matrix-terranix = {
       sshKey = "/run/facts/ssh.syncoid.id_ed25519";
       source = "root@orbi.${tld}:zroot/matrix-terranix";
-      target = "zraid/mirror/matrix-terranix"; # should NOT be created up front!
+      target = "zraid/mirror/matrix-terranix"; # should not be created up front!
     };
     commands.nextcloud = {
       sshKey = "/run/facts/ssh.syncoid.id_ed25519";
       source = "root@orbi.${tld}:zroot/nextcloud";
-      target = "zraid/mirror/nextcloud"; # should NOT be created up front!
+      target = "zraid/mirror/nextcloud"; # should not be created up front!
     };
     commands.photoprism = {
       sshKey = "/run/facts/ssh.syncoid.id_ed25519";
       source = "root@orbi.${tld}:zmedia/photoprism";
-      target = "zraid/mirror/photoprism"; # should NOT be created up front!
-    };
-    commands.taskchampion = {
-      sshKey = "/run/facts/ssh.syncoid.id_ed25519";
-      source = "root@orbi.${tld}:zroot/taskchampion";
-      target = "zraid/mirror/taskchampion"; # should NOT be created up front!
+      target = "zraid/mirror/photoprism"; # should not be created up front!
     };
     commonArgs = [
       # Does not create new snapshot, only transfers existing

machines/orbi/configuration.nix

@@ -19,10 +19,10 @@
     ./service-hedgedoc.nix
     ./service-nix-cache.nix
     ./service-photoprism.nix
-#    ./service-surrealdb.nix # not really needed at the moment
+    #./service-surrealdb.nix # not really needed at the moment
     ./service-taskserver.nix
     ./service-vaultwarden.nix
-#    ./service-vikunja.nix
+    ./service-vikunja.nix
     ./service-wastebin.nix
 
     ./nginx-ingolf-wagner-de.nix
@@ -45,8 +45,6 @@
 
   ];
 
-  networking.firewall.enable = true;
-
   services.logrotate.checkConfig = false; # because uid 3000 does not exist in here
 
   networking.hostName = "orbi";

machines/orbi/hardware-configuration/disko-config.nix

@@ -137,19 +137,6 @@ in
               #"com.sun:auto-snapshot:monthly" = toString true;
             };
           };
-          "taskchampion" = {
-            type = "zfs_fs";
-            mountpoint = config.services.taskchampion-sync-server.dataDir;
-            # "/var/lib/taskchampion-sync-server";
-            options = {
-              mountpoint = "legacy";
-              compression = "lz4";
-              "com.sun:auto-snapshot:hourly" = toString true;
-              "com.sun:auto-snapshot:daily" = toString true;
-              #"com.sun:auto-snapshot:weekly" = toString true;
-              #"com.sun:auto-snapshot:monthly" = toString true;
-            };
-          };
           "vikunja" = {
             type = "zfs_fs";
             mountpoint = "/var/lib/nixos-containers/vikunja";

machines/orbi/service-taskserver.nix

@@ -2,17 +2,26 @@
   config,
   lib,
   pkgs,
-  zerotierInterface,
   ...
 }:
 {
 
-  networking.firewall.interfaces.wg0.allowedTCPPorts = [ config.services.taskchampion-sync-server.port ];
-  networking.firewall.interfaces.wg0.allowedUDPPorts = [ config.services.taskchampion-sync-server.port ];
-
-  services.taskchampion-sync-server = {
+  # todo: backup taskserver via zfs syncoid
+  services.taskserver = {
     enable = true;
-    openFirewall = false;
+    fqdn = "taskd.ingolf-wagner.de";
+    listenHost = "0.0.0.0";
+    requestLimit = 104857600;
+    trust = "strict";
+    dataDir = "/var/lib/taskserver";
+    organisations."1337".users = [
+      "palo"
+      "beta"
+    ];
+    ciphers = "SECURE256";
   };
 
+  networking.firewall.allowedTCPPorts = [ config.services.taskserver.listenPort ];
+  networking.firewall.allowedUDPPorts = [ config.services.taskserver.listenPort ];
+
 }